The core infrastructure element of SISSDEN is a new beyond state-of-the-art worldwide sensor network, which will be deployed and operated by the project consortium. This passive threat data collection mechanism will be highly scalable and complemented by behavioural analysis of malware from multiple internal and external data sources. Actionable information produced by SISSDEN will be used for the purposes of no-cost victim notification and remediation, via organisations such as National CERTs, ISPs, hosting providers and Law Enforcement Agencies, such as Europol’s European Cybercrime Centre (EC3). SISSDEN will be of particular benefit to SMEs and citizens, who lack the capability to resist threats alone, and will enable them to participate in this global effort. All SISSDEN constituents will benefit from improved data collection, information processing, analysis and exchange of security intelligence: significant improvements in cybercrime prevention and constituents’ ability to counter security breaches/threats.
SISSDEN will deliver multiple new high-quality and trusted feeds of salient actionable security information that will be used for remediation purposes and for proactive tightening of computer defences, at no cost to the recipients. These unique new data feeds will be possible thanks to the development and deployment of a large distributed sensor network based on beyond state-of-the-art honeypot/darknet technologies, enhanced sandbox systems and the creation of a high-throughput automated data processing and sharing centre based in Europe. SISSDEN will not only provide in-depth analytics on the collected data, but will also develop metrics that will be used to establish the scale of some measurable security issues within the EU. Finally, a curated reference data set will be created and published, to provide a ground breaking, high-value resource to academia and researchers in the field, thereby encouraging future innovation and continued security research excellence in Europe.