PANDORA - Cyber Defence Platform for Real-time Threat Hunting, Incident Response and Information Sharing

Start: 01/12/2020
End: 30/11/2022
Funding: European
Status: Completed
Research unit:
Geomatics (GM)
Acronym: PANDORA
Call ID: EDIDP-CSAMN-2019
Code: SI2.835928

The PANDORA project aims to contribute to EU cyber defence capacity building by designing and implementing an open technical solution for real-time threat hunting and incident response, focusing on endpoint protection, as well as information sharing. The PANDORA system will be able to promptly detect and classify known and unknown threats, enforce policies on the fly to counter these threats, and exchange threat intelligence information with third parties at both national and international level.

Specifically, the technical solutions developed in PANDORA will:

  • Collect information (metrics, traffic, indicators of compromise etc.) from endpoints and network elements.
  • Detect and classify security incidents, both known (based on signatures and IoCs) and unknown (based on inferred anomalies and suspicious behaviours), also leveraging Machine Learning techniques.
  • Suggest mitigation actions and policies – and enforce them automatically upon confirmation.
  • Import and export incident information and threat intelligence to/from national and international information sharing platforms.
  • Expose interfaces, both graphical and programmatic, with role-based access control, to support Security Operations and allow in-depth investigations in case of an incident.

The technical solution developed in PANDORA will be integrated and assessed in a pre-operational environment against two relevant use cases: warship security and military sensor network security.
PANDORA will be fully aligned with the scope and objectives of the PESCO project entitled “Cyber Threats and Incident Response Information Sharing Platform (CTISP)”.

Christos Verykoukis
PI/Project Leader
Jordi Serra
PI/Project Leader
David Pubill
Researcher
Jordi Serra
Researcher
Luis Sanabria
Researcher
Hatim Chergui
Researcher
Space Hellas
Coordinator
Centre Tecnològic de Telecomunicacions de Catalunya
Austrian Institute of Technology
Thales Group
Naval Group
GMV Innovating Solutions
Infili Technologies SA
UBITECH Ubiquitous Solutions
Orion Innovation
Gatewatcher
HM Elektronikai, Logisztikai és Vagyonkezelő Zártkörűen Működő Részvénytársaság
Inesctec
Nviso
Cinamil Militar Academy Research Center
Cyberservices