The Evolution of the CRUSOE Toolset: Enhancing Decision Support in Network Security Management

Investor logo
Authors

HUSÁK Martin SADLEK Lukáš HESKO Martin ŠEBELA Vít ŠPAČEK Stanislav

Year of publication 2024
Type Article in Proceedings
Conference 20th International Conference on Network and Service Management, CNSM 2024
MU Faculty or unit

Institute of Computer Science

Citation
web https://opendl.ifip-tc6.org/db/conf/cnsm/cnsm2024/1571059474.pdf
Attached files
Description This demo paper presents the recent development of the CRUSOE toolset. CRUSOE enables cyber situational awareness and provides decision support for network security management. The first public version from 2021 used a combination of active and passive network monitoring to enumerate cyber assets and discover their vulnerabilities, visualize the collected data in a dashboard, conduct a risk assessment to recommend the most resilient infrastructure configuration, and facilitate attack mitigation. It also used novel approaches, such as a graph database for storing the data on cyber assets, which essentially became a knowledge graph for network security management. In the recent development, we managed to automate the deployment of CRUSOE via Ansible and Docker. Further, we implemented additional recommender systems and attack impact assessment capabilities and their visualizations. Finally, several sample datasets were created to facilitate the demonstration of the toolset and to enable testing it without one's data.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info