The main objective of the research is to design a framework for collaborative analysis of Cyber-Threat Information (CTI). The framework itself requires automated data preprocessing for fast and effective analysis and secure information sharing among parties involved in the process. However, often CTI includes sensitive data (private and confidential information) that might be used illegally. Often, intruders use sensitive information in performing attacks on systems (e.g., injection attacks). Considering an increased number of attacks on Critical Infrastructures (CI) such as Industrial Control Systems and Smart Grids, and taking into account consequences of attacks, the development of new solutions for cybersecurity of these systems become more crucial.
The emphasis of the research is developing a security management framework for secure analysis and sharing of CTI in Industrial Control Systems. The framework will integrate intrusion detection techniques, threat, and vulnerability assessment, secure information sharing, and decision making based on the analyzed information.
Moreover, my work will focus on the practical development of new security solutions for solving issues related to communication and data access in ICS.