TUM Logo

MANTRA: A Graph-based Unified Information Aggregation Foundation for Enhancing Cybersecurity Management in Critical Infrastructures

The digitization of almost all sectors of life and the quickly growing complexity of interrelationships between actors in this digital world leads to a dramatically increasing attack surface regarding both direct and also indirect attacks over the supply chain. These supply chain attacks can have different characters, e.g., vulnerabilities and backdoors in hardware and software, illegitimate access by compromised service providers, or trust relationships to suppliers and customers exploited in the course of business email compromise. To address this challenge and create visibility along these supply chains, threat-related data needs to be rapidly exchanged and correlated over organizational borders. The publicly funded project MANTRA is meant to create a secure and resilient framework for real-time exchange of cyberattack patterns and automated, contextualized risk management. The novel graph-based approach provides benefits for automation regarding cybersecurity management, especially when it comes to prioriization of measures for risk reduction and during active defense against cyberattacks. In this paper, we outline MANTRA’s scope, objectives, envisioned scientific approach, and challenges.

MANTRA: A Graph-based Unified Information Aggregation Foundation for Enhancing Cybersecurity Management in Critical Infrastructures

Open Identity Summit 2023

Authors: Phillip Fuxen, Rudolf Hackenberg, Michael Heinl, Mirko Ross, Heiko Rossnagel, Christian Schunck, and Raphael Yahalom
Year/month: 2023/
Booktitle: Open Identity Summit 2023
Fulltext: click here

Abstract

The digitization of almost all sectors of life and the quickly growing complexity of interrelationships between actors in this digital world leads to a dramatically increasing attack surface regarding both direct and also indirect attacks over the supply chain. These supply chain attacks can have different characters, e.g., vulnerabilities and backdoors in hardware and software, illegitimate access by compromised service providers, or trust relationships to suppliers and customers exploited in the course of business email compromise. To address this challenge and create visibility along these supply chains, threat-related data needs to be rapidly exchanged and correlated over organizational borders. The publicly funded project MANTRA is meant to create a secure and resilient framework for real-time exchange of cyberattack patterns and automated, contextualized risk management. The novel graph-based approach provides benefits for automation regarding cybersecurity management, especially when it comes to prioriization of measures for risk reduction and during active defense against cyberattacks. In this paper, we outline MANTRA’s scope, objectives, envisioned scientific approach, and challenges.

Bibtex:

@inproceedings {
author = { Phillip Fuxen and Rudolf Hackenberg and Michael Heinl and Mirko Ross and Heiko Rossnagel and Christian Schunck and Raphael Yahalom},
title = { MANTRA: A Graph-based Unified Information Aggregation Foundation for Enhancing Cybersecurity Management in Critical Infrastructures },
year = { 2023 },
booktitle = { Open Identity Summit 2023 },
url = { https://doi.org/10.18420/OID2023_10 },

}