The partners are investigating how data from distributed detectors can be merged in order to deduce the existence of attacks from the overall picture. The procedures are to work based on domain-specific and cross-domain collected data or observations and thereby meet the requirements of autonomy, confidentiality, data protection and self-determination of users and operators. The approach of merging the data should therefore prevent the possibility of drawing conclusions about the participating companies based on the data.
The participants are also exploring how they can train AI models based on data collected in different systems. The applicability of AI for securing web infrastructures depends on the quality of the training data. AIWI will develop a framework to meet industrial quality requirements for data management by means of a rigid "data governance".