INTERSOC

The INTERSOC project envisions to improve disruption preparedness, resilience of digital infrastructures and capacity building, through advanced threat forecasting, cyber-incident detection and response capabilities at national and EU level, and dedicated training sessions in digital infrastructure security, while respecting privacy and other fundamental rights. To achieve this, INTERSOC designs and develops a user-centric, intelligent threat defence and decision support platform, by uniquely combining: (1) highly sophisticated network and system behavioural monitoring towards the identification of anomalies caused by novel multi-faceted attacks, achieved by enhancing traditional SIEMs and IDS with behavioural and decisional Artificial Intelligence (AI) algorithms; (2) a low-code approach to security orchestration and incident management automation; (3) decentralised, confidential Cyber Threat Information (CTI) sharing based on peer-to-peer networks, in compliance with the EU regulatory framework; (4) trust models and trustworthy technology fine-tuned to address trust relationships when sharing information over the internet; (5) risk and threat analysis, impact assessment and risk treatment to identify, analyse and eliminate security threats and vulnerabilities of the pilot systems; (6) enhanced penetration tools and methodologies tackling emerging vulnerabilities; (7) cutting-edge Trustworthy AI algorithms developed in line with the evolving EU regulatory framework (e.g. proposal for AI Act) and standardisation working groups (e.g. CEN/CLC JTC21 WG4); and (8) a cyber-range-type virtualisation platform that facilitates the deployment and hosting of advanced red/blue team exercises, fostering capacity building and enhancing user awareness.

The INTERSOC solution will be validated in three diverse sectors – banking, energy and CSIRT training – over a set of carefully selected use-cases. The project addresses the DIGITAL-ECCC-2022-CYBER-B-03-SOC topic of the Call, which targets the capacity building of Security Operation Centres (SOCs), and contributes directly to the objectives of the Digital Europe Programme, the EU Cybersecurity Strategy for the Digital Decade and the requirements of the NIS2 Directive.

ITI-CERTH participates in INTERSOC as the Innovation Manager and leads WP4 (Trustworthy Response and Recovery System), as well as Task T3.1 (Behavioural Intrusion Detection and Prevention Systems) and Task T4.2 (Next Generation SIEM). Within these activities, ITI contributes to the development of behavioural intrusion detection and prevention systems (BIDS/BIPS) leveraging AI/ML techniques and continual learning algorithms; the development of a next-generation SIEM that integrates enhanced data collection, behavioural analytics and real-time anomaly detection; the development of the CTI sharing system and CTI sharing taxonomy; and the integration of the project components into the unified INTERSOC platform. As Innovation Manager, ITI further coordinates the alignment of technical results with business opportunities, supporting the exploitation and dissemination of the project outcomes.

Consortium

Eximprod Engineering S.A. (EPG), Romania (Coordinator)
Aristotle University of Thessaloniki (AUTH), Greece
ASM Terni SpA (ASM), Italy
CaixaBank SA (CAIXA), Spain
Centre for Research and Technology – Hellas (CERTH), Greece
Clone Systems CY Ltd (CLONE), Cyprus
CyberEthics Lab SRLS (CEL), Italy
Directoratul National de Securitate Cibernetica (DNSC), Romania
International Hellenic University (IHU), Greece
SQS Business Services SRL (SQS), Romania
Southeast Electricity Network Coordination Center SELENE CC (SELENE), Greece