Project Objectives

The main objective of SAPPAN is to develop a cyber threat intelligence system that reduces the effort a security analyst needs today to devise a suitable response to an attack and a way to recover from it. We aim to reach this goal with the help of scalable, distributed, privacy-preserving and usable cyber threat intelligence, which allows for massive data acquisition from multiple sources, advanced analytics on shared information and intelligence sharing. In particular, the objectives of SAPPAN are:

  • SAPPAN improves scalability in the volume and speed of data processing via a scalable distributed architecture for Big Data processing
  • SAPPAN will enable advanced threat detection with increased precision
  • Privacy-preserving cyber threat intelligence sharing to support federated detection and response
  • SAPPAN will develop a standard for modelling incident response and recovery information
  • SAPPAN will enable timely local response and recovery processes based on global knowledge
  • SAPPAN will enable privacy-preserving outsourcing of cyber threat handling for small and midsize companies
  • SAPPAN will increase the interpretability of threat intelligence through advanced visualisation techniques