NASK is a research institute active in Poland since March 1991. The specific groups that take part in the project are CERT Polska and Network and Information Security Methods Team (NISM). CERT Polska is the national CERT for Poland and has been operational since 1996. The NISM Team exists as a separate unit in the NASK's Research Division since 2009. Research includes advanced data analysis methods, trust management, threat detection methods, industrial network security, IoT security, etc.
NASK acts as SISSDEN's coordinator and is providing infrastructure for the data collection activity of the project. NASK is also involved in most of the activities of the project.
Stichting The Shadowserver Foundation Europe Netherlands
Since 2004, Shadowserver has been investigating malicious Internet activity, collecting malware with its related analysis and meta data, working with Law Enforcement in various capacities, and sharing infection and malicious data with appropriate network owners. Shadowserver also provides educational presentations worldwide while encouraging the open sharing of data within the security industry and with vendor and government organizations.
In SISSDEN, Shadowserver will contribute to:
- the architectural design of the entire system from how the end-points will communicate and data is collected to how data is stored and utilised into other components of SISSDEN
- the packaging and deployment of all endpoints and servers related to the operations of the active data collection operation
- the analysis of data for the purpose of creating a curated data set, as well as free of charge daily reports to network owners via existing reporting channels
- the analysis of collected malware via sandboxing and antivirus testing, to allow sharing of results in a concise and easy manner
Montimage is a research-oriented French SME created in 2004 and located in Paris. It specialises in software development, testing services, and editor of monitoring and testing tools. The tools are oriented to help developers and operators improve the quality and reliability of their services. Montimage relies on innovation to deliver competitive tools and the know-how that provide end-to-end monitoring solutions integrating security, functional, and QoS analysis of network communications. The integrated Montimage’s set of tools makes it possible to perform DPI-based traffic inspection and Business Activity Monitoring in complex distributed environments, making use of formal models to specify both expected behaviours and attacks.
In SISSDEN, Montimage is adapting and extending its network analysis probe so that it can be easily deployed and used to analyse captured honeypot and darknet network traffic and correlate threat information.
CyberDefcon United Kingdom
CyberDefcon is an independent SME dedicated to the pursuit of making the Internet a safer place. Its bespoke mix of community-based research, services and products provides clients and partners with the tools and information necessary to prevent, resolve and analyse cybercrime. The CyberDefcon team is dedicated to making the internet more secure and to developing new technologies and techniques that give control back to website operators and service providers. CyberDefcon believes in encouraging a proactive and preventative approach to security.
CyberDefcon brings to SISSDEN its proven experience in the development of innovative threat analysis technologies. Specifically, it brings three key expertises: darknet analysis techniques; large-scale deployment; and, in the commercialisation, market assessment, and business plan execution of the project's results.
Universitaet des Saarlandes Germany
Saarland University (USAAR) is located in Saarbrücken, Germany and is one of the leading Computer Science universities in Europe. Its leading IT security nucleus CISPA, the Center for IT-Security, Privacy, and Accountability, was founded in October 2011 as a competence centre for IT security at Saarland University. It is a joint endeavour of Saarland University (UdS) and its on-site partner institutions: the Max Planck Institute for Informatics (MPI-INF), the Max Planck Institute for Software Systems (MPI-SWS), and the German Research Center for Artificial Intelligence (DFKI).
In SISSDEN, CISPA participates as the only academic partner. As such, its main focus is to explore novel methods and advance the current state of science in cybersecurity.
Deutsche Telekom AG Germany
Deutsche Telekom AG (DTAG) is one of the world’s leading integrated telecommunications companies with over 142 million mobile customers, 31 million fixed-network lines and over 17 million broadband lines (as of December 31, 2013). The Group provides fixed-network, mobile communications, Internet and IPTV products and services for consumers, and ICT solutions for business and corporate customers. Deutsche Telekom is present in around 50 countries and has approximately 229,000 employees worldwide.
DTAG contributes to SISSDEN with the experience gathered in the last years regarding setup and operation of their own Early Warning System, dedicated for identifying infected customer systems and automating abuse notifications about possible security breaches and malware infections.
Eclexys Sagl Switzerland
ECLEXYS SAGL is a Swiss privately owned company founded in 2005, active in the fields of data communication and security, whose core business is the development and sales of solutions and services addressing specific, technology demanding, requirements. ECLEXYS combines hardware and software expertise while keeping a strong focus on innovation, performance, optimization and integration aspects.
ECLEXYS provides the view and experience of an SME active in the security market of its customers, which cover a wide scenario from SOHO, to SME and ME, up to governmental institutions.
It provides as a SISSDEN testbed its EXYS9000 product line: a set of appliances targeting specific security objectives like firewalling (EXYS9000-EFS) and an endpoint tunneling system (EXYS9000-ETS). This will serve for the development of new analysis tools aiming at implementing a machine oriented behavioural analysis framework that will be a module of SISSDEN's core system.
Poste Italiane Italy
Poste Italiane is recognized as the Italian national and international benchmark in postal, courier, logistics, finance, insurance and, most recently, the mobile phone market segments.
Poste Italiane, as one of the CERTs that will be involved in the SISSDEN project and thanks to its expertise in the management and defense of ICT critical infrastructures, defines and implements use-cases in the Pilot phase which will demonstrate the validity of the SISSDEN system running in an operational environment.