Cybersecurity: data, information and risk (CIBERDINE)

Funded by: Comunidad Autónoma de Madrid. CIBERDINE. S2013/ICE-3095

Dates: 2014-2018
Research Groups: COSEC –Coordinador– (Universidad Carlos III de Madrid); AIDA (Universidad
Autónoma de Madrid), GICSI (Consejo Superior de Investigaciones Científicas).

Associates Companies and Institution: Mando Conjunto de la Ciberdefensa (MCCD); Centro
Universitario de la Guardia Civil (CUGC); Centro Criptológico Nacional/Centro Nacional de
Inteligencia (CCN/CNI); Instituto Nacional de Ciberseguridad (INCIBE); Grupo Banco Santander;
Epoche & Espri.



This project aims at strengthening our capabilities to prevent, detect, and respond to cyberattacks
by developing techniques that improve situational awareness and cater for a dynamic threat
management. To do so, we propose an interdisciplinary research program that tackles three
important challenges in cybersecurity research.
Firstly, interdependences among networks and information systems are forcing us to adopt
cooperative strategies where entities of a very different nature exchange information about
vulnerabilities, threats, actors, tactics, ongoing incidents, countermeasures, etc. However,
organizations are extremely reluctant to openly share such information. This calls for models and
technologies that facilitate sharing by determining what to share, when, with whom, as well as
reasoning about the repercussions of sharing confidential data. Secondly, an improved defense
capability requires a deeper and more intelligent analysis of all events that take place in the
network. This requires to adapt, and develop where necessary, Big Data technologies to analyze
massive amounts of securityrelated information.
Finally, an effective threat management system needs to put in context available information,
automatically derive dynamic risk levels for all systems, and support decisions about the selection
and deployment of optimal countermeasures.