The main goal is to provide an intelligent, collaborative, open, distributed and dynamic platform (a set of tools and services) for sharing information about cyber-threats, vulnerabilities, coordinated attacks and its targets. It will integrate existing ontologies, taxonomies, models and sharing platforms into one platform that can integrate different sources with different taxonomies and standards. The new semantic knowledge base platform can be used for designing new inference rules and applying methods of artificial intelligence to enable intelligent analytics of existing data and their smart sharing in a new way. The project community will aggregate information about incidents together with additional information (e.g. technics used in attacks) from and provide it to trusted sources and communities such as national CERTs from EU and NATO members and partners, government, non-government, research organizations and private companies. To do this, it is necessary to create a uniform language for the description of individual techniques and procedures in the attacks. Many experts or security analysts can share their knowledge about attacks or campaigns through ORBIS system that will have a public and a private part. Sharing of knowledge can significantly contribute to the early detection of new attacks or campaigns, both for private blocks and for the public.
Project leader: Anders Fjelstad
Institution: HAFENSTROM AS