2021 IEEE International Conference on Cyber Security and Resilience

Full Program

Summary:

This paper describes a situation awareness framework, Frankenstack, that is the result of a multi-faceted endeavor to enhance the expertise of cyber security specialists by providing them with real-time feedback during cyber security exercises and verifying the performance and applicability of monitoring tools during those exercises. Frankenstack has been redeveloped to improve data collection and processing functions and cyber attack detection capability which has combined various system and network security monitoring tools into a single cyber attack detection and exercise feedback framework.

Although Frankenstack was specifically developed for the NATO CCD COE's Crossed Swords exercise, the architecture provides a clear point of reference for others who are building such monitoring frameworks. Thus, the paper contains many technical descriptions to reduce the gap between theoretical research and practitioners seeking advice on how to implement such complex systems.

Author(s):

Mauno Pihelgas    
NATO Cooperative Cyber Defence Centre of Excellence
Estonia

Mauno Pihelgas is a Researcher at the Technology branch of the NATO Cooperative Cyber Defence Centre of Excellence since 2013. His area of expertise is monitoring, data mining and situational awareness. Prior experience includes 5 years as a monitoring administrator and developer for the largest telecommunications operator in Estonia. In addition to being a GIAC GMON Continuous Monitoring Certified Professional, he is also a Red Hat Certified System Administrator, Red Hat Certified Engineer and a Red Hat Certified Specialist in Ansible Automation. Mauno holds a Master of Science degree in Cyber Security, and has recently submitted his PhD thesis about advancing autonomy in cyber defense for review at the Tallinn University of Technology.

Markus Kont    
Stamus Networks
Estonia

 


Copyright © 2021 SUMMIT-TEC GROUP LTD