CISDeM Command-and-Control Centre (CIS-CON)

ABSTRACT

The objective of this track is to design and construct a prototype of the CISDeM command-and-control centre (CIS-CON), with a focus on adaptive network control and defence based on multimodal data, including predictive intelligence, online monitoring, and forensic reviews. CIS-CON encompasses a suite of algorithms, software tools, and interfaces for fast (including real-time), reliable, and robust decision making against network threats and attacks. The current system functions across a wide range of testbed configurations that vary in scale, topology, and the use of virtualization versus real hardware. CIS-CON automates and integrates crucial functional modules: traffic generation (including attacker traffic), a firewall, flow- and link-based statistical analysis of (global) traffic, complementary approaches to attack detection (e.g., signature- and behaviour-based), and programmable security and network policies. This facilitates deployment in diverse settings and reduces reliance on manual intervention, achieving fast responses and minimizing room for operator error.