Observatorio de I+D+i UPM

Research reports
Research Project:
MASSIF: Management of security information and events in service infrastructures
Year: 2011
Research Areas
Information
Abstract

The main objective of MASSIF is to achieve a significant advance in the area of Security Information and Event Management (SIEM). On the basis of proper multi-level event correlation, MASSIF will provide innovative techniques to enable the detection of upcoming security threats and trigger remediation actions even before possible security incidents occur. Thus, MASSIF will develop a new-generation SIEM framework for service infrastructures supporting intelligent, scalable, and multi-level/multi-domain security event processing and predictive security monitoring. Such service-level SIEM involves the modelling and formal validation of security, including trusted computing concepts (Fraunhofer), and an architecture for dependable and resilient collection of service events (Uni. Lisboa), supported by an extremely scalable, high-performance event collection and processing framework (UPM), in the context of service-level attack models (SPIIRAS).

Four industrial domains serve as a source of requirements and are used to validate and demonstrate project results: (i) the Olympic Games IT infrastructure deployed and managed by Atos Origin; (ii) the France Telecom scenario on a "Mobile phone based money transfer service" facing security events, especially "non-IT" and "service" events; (iii) T-Systems South Africa, which provides managed IT outsourcing services with a high degree of complexity in setting up SIEM systems for large distributed enterprises; and (iv) Epsilon (an SME), which will demonstrate the use of the advanced SIEM concepts in an IT system supporting a critical infrastructure (dam).

Deep insight into the current and near-future industrial state of the art is provided by
(1) AlienVault, as the creator and maintainer of the leading open source SIEM product (OSSIM),
(2) integration of MASSIF results into Prelude (the second largest open source SIEM product) by Institut Telecom, and
(3) use and deployment of huge installations of commercial SIEM products.

International
Yes
Project type
Projects and agreements in competitive public calls
Company
European Commission
Entity Nationality
BELGIUM
Entity size
Large
Granting date
08/09/2010
Participants
  • Director: Ricardo Jimenez Peris (UPM)
  • Participant: Marta Patiño Martinez (UPM)
  • Participant: Tonghong Li (UPM)
  • Participant: Vincenzo Massimiliano Gulisano (UPM)
  • Participant: Luis Mengual Galan (UPM)
  • Participant: Luis Rodero Merino (UPM)
  • Participant: Jose Ernesto Jimenez Merino (UPM)
  • Participant: Claudio Soriente (UPM)
  • Participant: Valerio Vianello (UPM)
Related Research Groups, Departments and Institutes
  • R&D&I Centre or Institute: Centro de tecnología Biomédica CTB
  • Research Group: Distributed Systems Labs (LSD) Laboratorio de sistemas distribuidos
S2i 2019 Research Observatory @ UPM, in collaboration with the UPM Social Council
Co-funded by MINECO under the INNCIDE 2011 Programme (OTR-2011-0236)
Co-funded by MINECO under the INNPACTO Programme (IPT-020000-2010-22)