PREMIERE - Pervasive, Reliable, and Measurable Incident Response

Home » PREMIERE - Pervasive, Reliable, and Measurable Incident Response
Date: 
01/06/2017 to 31/12/2019

Project Description:

The vast majority of research in computer security is dedicated to the design of detection, protection, and prevention solutions. While these techniques play a critical role to increase the security and privacy of our digital infrastructure, it is enough to look at the news to understand that it is not a matter of “if” our systems will be compromised, but only a matter of “when”. It is a well known fact that there is no 100% secure system, and that there is no practical way to prevent attackers with enough resources from breaking into sensitive targets.

Therefore, we need to develop scientific techniques to timely and precisely analyze computer security incidents and compromised systems. Unfortunately, the area of incident response received very little research attention, and it is still largely considered an art more than a science because of its lack of a proper theoretical and scientific background. PREMIERE promotes a new generation of Digital Forensics and Incident Response (DFIR) techniques, introducing a solid scientific methodology to this often neglected field. To achieve this broad objective, the project focuses on three fundamental problems: the poor and often unproven reliability of current DFIR techniques, the increasing diversity of data sources that need to be analyzed, and the scarce availability of forensic information provided by software and systems.

To solve these problems, PREMIERE proposes a groundbreaking, proactive methodology to support forensic analysis by design. It also introduces new methods to systematically measure the limitations of current techniques and improve current DFIR solutions. The new techniques proposed by PREMIERE are evaluated on real-world scenarios taken from different domains, including embedded systems and the Internet of Things, distributed Internet services, and the emerging area of cyber-insurance. All together, they allow the project to build a holistic view of the incident analysis and response problem.

Week: 
Wednesday, 12 December, 2018

News

The European Commission has launched a call for applications to select members of the Stakeholder Cybersecurity Certification Group (SCCG). Submission of application is until 17th September 2019.

 

Future Events

The 14th International Conference on Availability, Reliability and Security (ARES 2019), will be held from August 26 to August 29, 2019 at the University of Kent, Canterbury, UK.

26/08/2019 to 29/08/2019

PROTECTIVE is co-organising the 2nd International Workshop on Cyber Threat Intelligence Management(CyberTIM 2019) as apart of the ARES 2019 conference in the UK on 26-29 August 2019.

26/08/2019 to 29/08/2019