Research title
Cybersecurity Awareness and Knowledge Systemic High-level Application (YAKSHA)

Research timeline
1.1.2018 -

Keywords
ASEAN, business model, Cybersecurity, cybersecurity ecosystem, honeypots, innovation action, malware

Region
Asia

Countries
BULGARIA, FINLAND, FRANCE, GREECE, ITALY, MALAYSIA, PORTUGAL, SPAIN, THAILAND, VIET NAM

Institution
VTT Technical Research Centre of Finland
Innovations, Economy and Policy
Espoo, Finland

Type of project
Research, Development and Innovation

Funding instrument
European Union Funding

Head of research
N/A

Research team
Maria Lima Toivanen, Nina Rilla, Jouko Myllyoja, Jarno Salonen, Jani Suomalainen, Jukka Hemilä

Partners
Sociedade Portuguesa de Inovacao (SPI), VTT Technical Research Centre of Finland, University of Piraeus, StudioAG, INNO TSD, MOTIVIAN EOOD, OTE Research, ATOS, Vietnam Software and IT Services Association, Cybersecurity Malaysia, National Science and Technology Development Agency, ASEAN Chief Information Officer Association, Digital Identity Solutions Vietnam

Record last updated
25.1.2018

Research summary

YAKSHA supports current EU-ASEAN cooperation dialogue, which include security and defence, with emphasis on non-traditional areas, such as cybersecurity. YAKSHA develop software to prevent cybercrime in the ASEAN region, leveraging EU-ASEAN knowledge and most recent technology advances to reach this goal. YAKSHA will implement true collaboration in the field, co-creating technologies that are able to respond to real user requirements and needs. Through a series of events, YAKSHA will promote knowledge sharing as well as will develop a business ecosystem of partners to commercialize the solution after end of the project.

Description

YAKSHA is a distributed system which allows the automated deployment of honeypots, data collection and analysis as well as reporting and information sharing with affiliated YAKSHA installations. The modular and distributed nature of YAKSHA allows it to cater for both opportunistic and continuous sample collection, and selective information sharing with other entities when deemed necessary. YAKSHA will therefore enable organisations, companies and government agencies to upload custom honeypots that meet their own specifications, monitor attacks in real time and analyse them. However, since some of these honeypots may expose corporate or organisation specific vulnerabilities, each YAKSHA node may specify policies for information sharing per honeypot, attack pattern, affiliated nodes or even user roles of users in affiliated nodes. To this end, initially each YAKSHA installation is an independent instantiation of the system which has its own users; e.g. admins, auditors, analysers, backup managers, integrators etc., its own honeypots, and performs its processing locally. Clearly, a YAKSHA node, due to processing requirements would consist of more than one computer, but in what follows is considered as a single system.