ACSOC

Politecnico di Bari (POLIBA) is the beneficiary of a non-reimbursable financing for the implementation of “Advanced Cooperative Security Operation Centres” – ACSOC project, under the grant agreement no. 101190248. The project is financed through granting authority: European Cybersecurity Industrial, Technology and Research Competence Centre, under the call DIGITAL-ECCC-2024-DEPLOY-CYBER-06-ENABLINGTECH topic, type of action: DIGITAL JU Simple Grants.

Partners of the project:

Coordinator: ALMAVIVA THE ITALIAN INNOVATION COMPANY SPA – ALMAVIVA (Italy)

Partners:

  • POLITECNICO DI BARI – POLIBA (Italy)
  • DIRECTORATUL NATIONAL DE SECURITATE CIBERNETICA – DNSC (Romania)
  • THE FACTORY IKE – JOIST (Greece)

Duration of the project: 36 months, starting 1st of January 2025

Project budget (maximum grant amount): € 3,037,730.00 /1,518,865.00

POLIBA budget: € 389,159.00

The overall objective of the ACSOC project is to introduce new enabling technologies and process innovations to empower SOCs operational capacity, including their ability to cooperate with CERTs and CSIRTs.

Project introduced enhanced AI-based cybersecurity tools and guidelines for policy and procedures accomplishing NIS2 and other EU directives, can give to SOCs relevant contribution to setup an ecosystem acting as a hub within the European SOC context, developing national and Cross-border cooperation. Enhanced platforms can strengthen SOC capacities to analyse, detect and prevent cyber threats and incidents supporting the production of high-quality intelligence on cyber threats. SOC operations deal with fast evolving threats demanding them to efficiently work and cooperate with other similar entities at national and international level in which Threat Intelligence and Anomaly Detection are key tools. These requirements must be taken into consideration to ensure for each SOC an adequate level of control over the information to be managed in relation to its criticality, confidentiality and aspects related to the GDPR. To keep pace with every day evolving threads, ACSOC will introduce advanced tools based on AI and other innovative technologies (e.g. Federated Machine Learning) for SOC operations without losing the control on managed information considering their criticality, confidentiality and GDPR connected aspects. Introduced tools will comprehend evolutions of existing ones, among which Lucy (for Threat Intelligence) and Sofia (for Anomaly Detection) which are parts of Almaviva CybeRiskVision framework. ACSOC will give end users’ organizations simple to use Indicators of Compromise about their security posture and information about general evolution of security area (such as evolving threats, vulnerabilities, etc.), which represents a fast and easy way to use services enabling SME cybersecurity capacities, since they do not require specialized security knowledge.

Objectives of the project:

Enabling technologies and process innovations to empower SOCs operational capacity
ACSOC will Introduce new enabling technologies (primarily AI powered) and process innovations to empower SOCs operational capacity, including their ability to cooperate with CERTs and CSIRTs. These European original enabling technologies will allow more effective creation and analysis of Cyber Threat Intelligence (CTI), as well as faster and scalable processing of CTI and identification of patterns allowing rapid detection and decision making.
Enabling technology including Indicators of Compromise (IoC) about their security posture and synthetic information about evolutions of cybersecurity
The provided services will allow end user organizations to employ Indicators of Compromise (IoC) about their security posture and synthetic information about evolutions of cybersecurity area (such as evolving threats, vulnerabilities, etc.). These services, efficiently sharing synthetic controlled cybersecurity information among National Authorities, Security Service Provider and end user organization, will strengthen capacities to analyse, detect and prevent cyber threats and incidents, and will support the production of interoperable high-quality intelligence on cyber threats.
Guidelines for policy and procedures accomplishing EU and National Regulations
ACSOC project will introduce guidelines for policy and procedures accomplishing EU and national regulations (including NIS2 directive, AI Act, and other similar EU and National ones) which, considering new introduced tools and services, can give SOCs / CERTs / CSIRTs relevant contribution to setup an ecosystem acting as a hub within the European SOC context, developing national and Cross-border cooperation. In this context possibility to integrate ACSOC results with ENISA Cyclone Network will be considered. This work can eventually identify potential criticality and or elements to be evaluated to suggest EU regulation evolutions in line with technological evolution.

In collaboration with...

More on the ACSOC Project

The ACSOC project has received funding from the European Union’s Digital Europe Programme under the grant agreement no. 101190248. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Cybersecurity Industrial, Technology and Research Competence Centre. Neither the European Union nor the granting authority can be held responsible for them.
More Info