CyberMap

The digital interdependence between different sectors of society implies the need for targeted efforts to ensure the integrity and availability of individual systems. Thus, the Cybersecurity Lab of Sofia Tech Park set out to create a large-scale project, "CyResLab Monitor", to provide an aggregated picture of the technical profile and the vulnerabilities of a large number of independent systems, providing services within the Bulgarian cyberspace. The first phase of this project is respectively creating a pilot version of "Cyber Map Bulgaria".

 

The specific goal of Phase I – "Cyber Map Bulgaria" was to implement a fully-functional product which collects and visualizes data that could be further used for conducting multifaceted analysis on topics such as chronic vulnerabilities of the Bulgarian cyberspace per domain and/or sector, as well as identifying critical common vulnerabilities in the Bulgarian IT public and private infrastructure.

 

The project was successfully completed and the CyberMap software suite was developed. Only limited information will be made public due to the character of the data obtained.

 

Additionally, the geographic locations and clusters of the Web servers in the dataset were analyzed, revealing multiple hot spots within the geographic map:

 

global_host_map
Global map, visualizing all hosts, as well as their number in case of clusterization. Host details per unit could also be visualized with a “show all” functionality on each host.

 

 

bg_host_heatmap
Bulgarian administrative map – shows a color-coded clusterization of hosts in Bulgaria 

 

 

global_host_heatmap
Global administrative map – shows a color-coded clusterization of hosts in the world 

 

A proof-of-concept sectoral analysis was performed to compare three "sectors" of the Bulgarian cyberspace:

  • Large group state administration - web sites of central and local administration
  • Small group state administration - web sites of central public administration 
  • Group “Business organizations” -  a representative sample of industry organizations

The results of some basic metrics for these three sectors can be seen below:

 

comparison_public_adm_business

 

“Cyber Map Bulgaria” is an initial phase of a larger project – “CyResLab Monitor” and provides a basic data model, technology and validated methodology intended for further augmentation in the following directions:

  • Adding functionalities and tools for deeper analysis

  • Enriching the data model and information elicitation techniques

  • Offering Cyber Map Bulgaria in "as a service” 
     

cybermap-project-collaborators

 

CyResLab is an initiative of
ESI CEE

ESI CEE