IRIS

IRIS will deliver a framework that support European CERT and CSIRT networks detecting, sharing, responding and recovering from cybersecurity threats and vulnerabilities of IoT and AI-driven ICT systems, to minimize the impact of cybersecurity and privacy risks, through a collaborative-first approach and state-of-the-art technology.

IRIS Architecture:

• Collaborative Threat Intelligence (CTI): This module introduces Analytics Orchestration for supervising coordination between incident response and recovery; an Open Threat Intelligence interface for disseminating taxonomies of IoT and AI threats; and an intuitive Threat Intelligence Companion that serves as a key human-in-the-loop interface for collaborative incident response and threat intelligence sharing between CERTs/CSIRTs at both the municipal and national level.

• Automated Threat Analytics (ATA): This module extends existing intrusion detection tools with a novel threat detection engine for identifying specific IoT and AI attack vectors and includes digital twin honeypots for collecting attack telemetry against end-user systems reliant on these technologies.

• Virtual Cyber Range (VCR): This module is used for collaborative CERT/CSIRT training exercises based on real-world environment platforms, providing representative adversarial IoT & AI threat intelligence scenarios and handson training.