D 2024

The Evolution of the CRUSOE Toolset: Enhancing Decision Support in Network Security Management

HUSÁK, Martin; Lukáš SADLEK; Martin HESKO; Vít ŠEBELA; Stanislav ŠPAČEK et al.

Basic information

Original name

The Evolution of the CRUSOE Toolset: Enhancing Decision Support in Network Security Management

Authors

HUSÁK, Martin; Lukáš SADLEK; Martin HESKO; Vít ŠEBELA and Stanislav ŠPAČEK

Edition

New York, NY, 2024 20th International Conference on Network and Service Management (CNSM), p. 1-3, 3 pp. 2024

Publisher

IEEE

Other information

Language

English

Type of outcome

Proceedings paper

Country of publisher

United States of America

Confidentiality degree

is not subject to a state or trade secret

Publication form

electronic version available online

Marked to be transferred to RIV

No

Organization

Ústav výpočetní techniky – Repository – Repository

ISBN

979-8-3315-0515-8

ISSN

EID Scopus

Keywords in English

decision support;network security management;incident response;orchestration;automation

Links

EH22_010/0003229, research and development project. MUNI/A/1586/2023, internal code Repo.
Changed: 1/4/2025 00:50, RNDr. Daniel Jakubík

Abstract

In the original language

This demo paper presents the recent development of the CRUSOE toolset. CRUSOE enables cyber situational awareness and provides decision support for network security management. The first public version from 2021 used a combination of active and passive network monitoring to enumerate cyber assets and discover their vulnerabilities, visualize the collected data in a dashboard, conduct a risk assessment to recommend the most resilient infrastructure configuration, and facilitate attack mitigation. It also used novel approaches, such as a graph database for storing the data on cyber assets, which essentially became a knowledge graph for network security management. In the recent development, we managed to automate the deployment of CRUSOE via Ansible and Docker. Further, we implemented additional recommender systems and attack impact assessment capabilities and their visualizations. Finally, several sample datasets were created to facilitate the demonstration of the toolset and to enable testing it without one's own data.