Projects per year
The functional requirements for EVE and ADAM were based on the unique cyber exercise needs for analysis and game development, and were finalised after we had completed a state-of-the-art review to look for suitable tools that could meet our requirements.
The main purpose of EVE is to visualise security alerts on any given network map. ADAM, the supporting events aggregation module, processes, combines and filters incoming notifications from various types of sensors, and makes them ready to be visualised by EVE. EVE offers an intuitive and real-time visualisation that is easily understandable at first glance by both technical and non-technical staff. It also allows for recording and playback, and considers attack types, game phases, attack sources, and targets.
The information required by EVE is obtained from different sensors operating on the network. EVE allows for a very simplified communication channel with them, based on JSON formatted messages sent over an HTTP POST request. The sensors used during the cyber exercises to test the tools are also described here.
The tools have provided an enhanced situation awareness experience over previous cyber exercises organised by NATO CCDCOE, and can be used in other exercises or, more generally, in real-life, production-ready environments. EVE (with ADAM included)
|Title of host publication||Cyber Physical Security of Defense Systems|
|Subtitle of host publication||STO - Meeting proceedings|
|Editors||Xuewen Chen, Bo Luo, Feng Luo, Vasile Palade, M. Arif Wani|
|Number of pages||15|
|Publication status||Published - 28 May 2018|
|MoE publication type||B3 Non-refereed article in conference proceedings|
|Event||Systems Concepts and Integration (SCI) Panel SCI-300 Specialists’ Meeting on ‘Cyber Physical Security of Defense Systems’ - Fort Walton Beach, United States|
Duration: 8 May 2018 → 9 May 2018
|Seminar||Systems Concepts and Integration (SCI) Panel SCI-300 Specialists’ Meeting on ‘Cyber Physical Security of Defense Systems’|
|Period||8/05/18 → 9/05/18|
- network maps
- situation awareness
FingerprintDive into the research topics of 'EVE and ADAM: Situation Awareness Tools for NATO CCDCOE Cyber Exercises'. Together they form a unique fingerprint.
- 1 Finished
Savolainen, P., Savola, R., Vähä-Heikkilä, T. & Honka, H.
1/04/16 → 30/04/19
Project: Business Finland project