EU-GUARDIAN aims at creating a cutting-edge, accurate and reliable AI-based solution that operates and automates larger parts of incident management and cyber defence processes. Focusing on the ability to detect, mitigate and respond to security challenges semi-automatically or automatically; support analysts and decision-makers at all levels; and contribute to enhancing cyber situational awareness, military infrastructure resilience and protection against advanced cyber threats. On these grounds, EU-GUARDIAN will make progress on understanding the relevant actors and the threat environment where AI-based cyber defence systems will interact with; creating AI-based techniques for detecting and understanding adversarial activity, as well as for building knowledge about own protected ICT systems; shaping AI-based information collection and storage systems that can dynamically adapt their strategy to the situation perceived; and building AI-based decision systems which are risk and impact aware. All components will follow the key requirements of human agency and oversight; technical robustness; privacy; algorithmic transparency; diversity and accountability; and proof-of-concept feasibility analysis will support each component. The multidisciplinary and highly specialised Consortium will present the results of EU-GUARDIAN, which will facilitate the tedious task of analysing large amounts of data; will improve cyber operational capability; drive a reduction in costs; and above all, they will contribute to EU cyber defence posture and to the laying of the foundations for prompting the EU autonomy in development and capacitation of AI-based resources.
At a time when Europe and the rest of the world are dealing with major obstacles, future challenges will need to be met to ensure growth and sustainability. Post-pandemic, a clear vision is needed to guarantee digital inclusion and ensure health and safety while working towards environmental goals. The EU-funded Hexa-X project seeks to contribute to shape this vision, and develop tools necessary to bring the next generation of wireless communications to Europe and beyond. It will achieve this by working on groundbreaking communication technologies, architectures and artificial intelligence-enabled networks. This will help secure growth and sustainability while creating the future of wireless communications worldwide.
A methodology for tracking and analysing the needs for standardization and certification harmonization thorough the project life cycle will be defined and enforced, which will allow the early identification of issues related to the conceptualization, design, implementation, integration and deployment of tools for support the EU disaster resiliency; which will be facilitated by a complete consultation strategy to the different stakeholders that are expected to act at each capability development phase, ranging from providers to end users. On these grounds H2020-VALKYRIES will develop, integrate and demonstrate capabilities for enabling immediate and coordinated emergency response including search and rescue, security and health, in scenarios of natural/provoked catastrophes with multiple victims, with special application in cases in which several regions or countries are affected and hence greater interoperability being required. H2020-VALKYRIES will propose both design and development of a modular, interoperable, scalable and secure platform, which will allow the integration between legacy solutions and new technologies. The platform will be able to deploy services and dynamically adapt its behaviour, as the emergency requires it. A series of use cases and demonstrators will be developed placing an emphasis on cross-frontier and cross-sectorial BLOS (Beyond Line of Sight) scenarios, where the usual communications infrastructure could have been damaged, and emergency response teams are deployed without an accurate view of the operation environment.
https://cordis.europa.eu/project/id/101020676
PALANTIR aims at bridging the gap between large enterprises and SMEs/MEs, by providing multi-layered, infrastructure-wide threat monitoring, cyber-resiliency and knowledge sharing in a heterogeneous ecosystem, while at the same time being able to market these services to third parties in the form of Security-as-a-service (SECaaS). PALANTIR will implement a coherent privacy assurance, data protection, incident detection and recovery framework, focusing on the case of highly dynamic service-oriented systems and networks, taking advantage of their inherent programmability features and abstractions. PALANTIR will also focus on cyber-resiliency leveraging the features of service-oriented systems key building features by a) applying and exploiting Network Functions Virtualization (NFV) and Software-Defined Networking (SDN) technologies; b) considering emerging paradigms such as the application of scalable artificial Intelligence, standardization and threat-sharing techniques to risk analysis, network operation, monitoring and management and c) ensuring the SME’s compliance with the relevant data privacy and protection regulations in the data breach age, implementing the «Privacy by Default» and the «Privacy by Design» principles on how personal data is collected, used, transferred and stored between 3rd party businesses and entities. The end result will be an evolving, expandable and unified framework, tailored to the individual needs of every SME and ME, reducing the complexity level of usual security tools while still being affordable and thus attractive for adoption.
https://cordis.europa.eu/project/id/883335
5GZORRO uses distributed Artificial Intelligence (AI) to implement cognitive network orchestration and management with minimal manual intervention (Zero-Touch Automation). Distributed Ledger Technologies (DLT) are adopted to implement flexible and efficient distributed security and trust across the various parties involved in a 5G end-to-end service chain. With these, an evolved 5G Service Layer can be implemented for Smart Contracts among multiple non-trusted parties, to allow SLA monitoring, spectrum sharing, intelligent and automated data-driven resource discovery and management.
https://cordis.europa.eu/project/rcn/225650/factsheet/en
5G-CAGE builds on monitoring and analysis of video streams collected from heterogeneous and distributed sources in Smart City deployments with the aim of providing advanced features for early detection of specific city safety elements not currently supported by the 5GINFIRE platform and capabilities. To this end, 5G-CAGE plans to provide to 5GINFIRE a new VxF, called City Object Detection (CODet)
BotsOnFIRE is intended to demonstrate how an autonomic solution based on a combination of NFV orchestration and SDN applications can be dynamically and automatically adapted in case of cybersecurity threats (e.g. bot agents from a botnet) affecting devices which can move across different domains.
The SELFNET project designs and implements an autonomic network management framework to achieve self-organizing capabilities in managing network infrastructures by automatically detecting and mitigating a range of common network problems that are currently still being manually addressed by network operators, thereby significantly reducing operational costs and improving user experience.
http://cordis.europa.eu/project/rcn/197349_en.html
The SMARTIE project works on security, privacy and trust for data exchange between IoT devices and consumers of their information. Results are demonstrated in smart cities in Germany, Serbia and Spain. Further partners are from Portugal and the UK.
http://cordis.europa.eu/project/rcn/109944_en.html
The aim of the AU2EU project is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions.
http://cordis.europa.eu/project/rcn/111357_en.html
ATTPS supports TDL (www.trustindigitallife.eu) in addressing the relationship and balance between the business, legal, social and technical aspects of a public trust platform as well as pragmatic actions such as developing and the testing of generic trust architectures and integration pilots. ATTPS strengthens TDL’s road-mapping by implementing and supporting the SRA and actively contributes to the awareness raising for trustworthy ICT solutions.
http://cordis.europa.eu/project/rcn/105734_en.html
HBB-NEXT will lay the foundations for advanced hybrid multi-user services by building upon existing standards and by enhancing them.The project seeks to facilitate the convergence of the broadcast and Internet world by researching user- centric technologies for enriching the TV-viewing experience with social networking, multiple device access, group-tailored content recommendations, as well as the seamless mixing of broadcast content, of complementary Internet content and of user-generated content.
http://cordis.europa.eu/project/rcn/100252_en.html
IoT-A, the European Lighthouse Integrated Project addressing the Internet-of-Things Architecture, proposes the creation of an architectural reference model together with the definition of an initial set of key building blocks. Together they are envisioned as crucial foundations for fostering a future Internet of Things. Using an experimental paradigm, IoT-A will combine top-down reasoning about architectural principles and design guidelines with simulation and prototyping to explore the technical consequences of architectural design choices.
http://cordis.europa.eu/project/rcn/95713_en.html
The Florence* (Multi Purpose Mobile Robot for Ambient Assisted Living) project aims to improve the well-being of elderly (and that of his beloved ones) as well as improve efficiency in care through AAL services supported by a general-purpose robot platform. The Florence system with its multipurpose mobile robot platform will pioneer the use of such robots in delivering new kinds of AAL services to elderly persons and their caretakers. The main objective is to make this concept acceptable for the users and cost effective for the society and care givers.
http://cordis.europa.eu/project/rcn/93917_en.html
The main goal of SEMIRAMIS is to pilot, in different scenarios, the infrastructure whose major function is to enable the safe, secure and seamless transfer of relevant data to clearly identified users. This will occur in full adaptation and within the limits of the context in which this data is needed for the provision of requested e-services. It will provide an easy-to-implement and easy-to-use solution for single sign-on and secure access to services on which novel offerings can be easily deployed.
http://cordis.europa.eu/project/rcn/191850_en.html
SENSEI creates an open, business driven architecture that fundamentally addresses the scalability problems for a large number of globally distributed WS&A (wireless sensor and actuator) devices. It provides necessary network and information management services to enable reliable and accurate context information retrieval and interaction with the physical environment. By adding mechanisms for accounting, security, privacy and trust it enables an open and secure market space for context-awareness and real world interaction.
http://cordis.europa.eu/project/rcn/85429_en.html
SWIFT aims to leverage identity technology as a key to integrate service and transport infrastructures for the benefit of users and providers. It focuses on extending identity functions and federation to the network while addressing usability and privacy concerns. SWIFT aims to build on considerable identity management work that has already been done in standards and in multiple R&D projects.
http://cordis.europa.eu/project/rcn/85308_en.html
Current interconnection of «things» to the Internet (IoT) has grown significantly in the last years, foreseeing 20 billion of these things by 2020. Internet security constitutes an strategic action for organizations, governments and even individuals, so the security of interconnected «things» requires our attention too. Thus, in this project we will revise the security conditions of such «things» in order to propose a cyber security architecture for IoT systems entailing a holistic security paradigm for the protection of information assets. Such solution should be easy to follow by technology developers, IT areas and users, strengthening this way the technological environments of organizations, as well as the individuals using them. Additionally, we will document such know-how so that we can disseminate the acquired knowledge and describe a potential application of the outcomes over an e-Health scenario.
The management of information security and the protection of information assets deserve a constant attention by those organizations handling highly critical information. SIEM solutions provide a way to tackle this issue by means of security event management functionalities allowing the detection of security incidents that occurred in the past or happening right now and making the organizations able to generate countermeasures to diminish the impact of an incident. Besides the utility of these solutions, its application to SMEs and in public sector entities has not succeeded yet mainly due to the high cost of a SIEM solution and the lack of technical skills required for its deployment, configuration and roll-out. This project intends to generate a SIEM solution prototype that can be used in real scenarios to protect critical information assets exposed to common security threats, without a high economic investment from the organizations benefiting from it. Additionally, all the generated know-how will be documented aiming at disseminating all the lessons learnt and to describe a potential application scenario in the context of e-Health.
El principal objetivo de este proyecto es el prototipado del sistema SafeMan para la gestión de forma unificada de la ciberseguridad y la seguridad en entornos industriales, combinando técnicas novedosas como la Artificial Inteligencia, específicamente Machine Learning y Deep Learning, y técnicas de Visión Artificial. Este prototipo será verificado en un entorno industrial operativo.
El objetivo principal de CYBERTY es el diseño, desarrollo y evaluación en un escenario realista de fábrica inteligente de un framework autónomo que permite: (1) monitorear, identificar y mitigar ciberamenazas en tiempo real; (2) reconocimiento de la actividad humana para la caracterización de procesos industriales; y (3) controles de seguridad para proteger el propio framework. En particular, en este proyecto se propone integrar ciberseguridad y reconocimiento de actividad en una arquitectura de edge computing que aprovecha las nuevas tecnologías como aprendizaje máquina y aprendizaje profundo, Internet de las cosas, visión artificial y dockerización, entre otros.
La Plataforma de Análisis de Servicios en TOR (PASTOR) ofrece las siguientes funcionalidades: i) Obtención de nuevos servicios ocultos en TOR no identificados previamente y que no se encuentren en fuentes públicas, ii) Comprobación del estado (activo o inactivo) de los servicios ocultos descubiertos en el momento de la consulta, iii) Diseño de un prototipo software que obtenga nuevos servicios ocultos en TOR de manera continua, es decir, estará basado en técnicas no temporales que aseguren que el software no tendrá que ser adaptado a corto o medio plazo para continuar obteniendo nuevos servicios ocultos y iv) Desarrollo y prueba de un prototipo software que pueda ser integrado fácilmente con soluciones que permitan recoger estos nuevos servicios (.onion) para su monitorización continua.
En este proyecto se desarrollarán módulos de simulación de tráfico y topologías de red, y de amenazas avanzadas persistentes (APTs) hiperrealistas que simulen de forma efectiva escenarios realistas. En segundo lugar, se utilizará un Cyber Range para integrar dichos módulos de simulación, con un módulo que permita el desarrollo de escenarios de cibermaniobras plantilla parametrizables y aleatorizables, que otorgue flexibilidad al instructor y escenarios desafiantes para el estudiante. En tercer lugar, se integrará al Cyber Range elementos de dos tecnologías educativas en alce actualmente, como la gamificación y el aprendizaje adaptivo, de manera que el proceso de aprendizaje sea más motivante y adaptado. Por último, se desarrollará un módulo de evaluación de competencias en ciberdefensa en función de la interacción de los estudiantes con las cibermaniobras. Las soluciones desarrolladas en este proyecto conformarán módulos independientes y un entorno de trabajo global, que tenga la capacidad de mejorar el entrenamiento en ciberdefensa con simulaciones hiperrealistas en escenarios que puedan variar en cada iteración y adaptarse dinámicamente a las características del estudiante, así como mejorar la motivación de los estudiantes para aprender en este entorno.
We propose an unified framework for combining cybersecurity and safety in manufacturing industrial environments. This framework, called SAFEMAN, is composed of a set of applications and services that monitor and analyse the cybersecurity and safety risks in real time. The individual risk assessments are collected and considered together in order to identify threats or deviations. If required, the framework takes specific actions in order to protect workers and equipment, and develops the adequate response mechanisms to ensure the reliability of the industrial processes.
The COSMOS project, funded by a Leonardo Grant awarded by the BBVA Foundation, intends to develop novel and innovative solutions aimed at providing sophisticated protection mechanisms within the context of the Internet of Things (IoT). In this regard, its overall and main goal lies in the development of the so-called collaborative, seamless and adaptive sentinels. Such sentinels would seamlessly sense their environment, automatically identifying all those devices in the nearby to be potentially protected. Once the appropriate devices have been selected, the sentinels would adapt themselves in order to become experts in the protection of such specific devices against cyber-attacks. Last but not least, in case a new device to be protected comes into play and the assigned sentinel does not know how to protect it, the sentinel would ask for such protection knowledge to other collaborative sentinels in the community.
Furthermore, the IoT sentinels would not only focus on detecting intrusions, but rather cover the four phases of the cyberdefense, namley: prevention, detection, reaction and forensics.
Materialized in two different forms (dedicated and virtual), the sentinels in the context of COSMOS would operate in a Smart Home scenario, where a number of heterogeneous devices can be found (PCs, laptops, smartphones, electrical appliances, wearables, etc.).
The DHARMA (Dynamic Heterogeneous threAts Risk Management and Assessment) project aims to provide a framework for the achievement of an efficient Dynamic Risk Management and Assurance in ICT environments taking into account new types of threats known as APTs (Advanced Persistent Threats). These threats are characterised for not using just the classical means of penetration based on software vulnerabilities, but a combination of heterogeneous attack vectors customized for the organization and its employees, including the use of physical intrusions, employees deception, sensitive information abuse, side channels, etc. Thus, the current methodologies cannot manage adequately this dynamicity, with changes in context being a possible symptom of a new vulnerability and implying a potential modification in the list of risks identified for the organization.
The DHARMA project is devoted to provide an answer to this shortcoming, proposing a multilevel architecture where a remarkable number of heterogeneous sensors will capture any change in the organization context (not just traditional network attacks, but any type of context change), namely: variations in the normal usage of systems and networks, electric consumption deviations, physical security incidents with presence detectors and video surveillance, ambient sensors, social networks activity sensors, and even the characterization of labour unrest in the organization in order to anticipate possible insider attacks by malicious employees.
The main objective of the RECLAMO project is the research on novel approaches for reacting to network attacks. So, the project will try to go beyond the classic Intrusion Detection Systems approach, based on intrusion detection and basic reactions, and will define, develop and validate an intelligent Automatic Intrusion Response System able to generate new and advanced reactions, with a special focus on the so-called «deception-based» responses: the diversion of the attack to a dynamically ad-hoc generated honeynet for the attack to be adequately confined in order to mitigate it and learn from it. In this approach, a detected intrusion will be analysed in real time using a model of intrusions, responses and security metrics formally defined with formal knowledge and behaviour definition languages, which allow triggering an inference process from the detected intrusion.
The work proposed in this project is aimed at creating a framework that meets the needs for communication and for the infrastructure to provide dedicated services to end-user in ubiquitous vehicular environments. The vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) communications will have a special relevance in this project. Various communication technologies will be exploited, mainly vehicular ad-hoc networks (VANET) and networks with infrastructure, whose main representative are 3G cellular networks. We will study the feasibility of such technologies in the area of vehicles; explore new strategies for modeling networks in VANETs, and directing all development towards an integrated environment for a communicating vehicle. In this regard, special attention will be given to provide a common communication interface, isolating the user from handoffs or changes that may occur between different network technologies.
El objetivo principal de SCORPION es diseñar y desarrollar una plataforma que incluya formación de contenidos conceptuales teóricos, y a su vez también formación práctica a través de ciberejercicios virtualizados en temáticas relacionadas con la ciberseguridad para que las PYMEs y microempresas de la Región de Murcia puedan formar a sus profesionales y, consecuentemente, mejorar sus capacidades estratégicas en materias de ciberseguridad TIC mejorando sus activos frente a los eventuales y cada vez más presentes ciberataques. En este sentido, la plataforma SCORPION será suministrada a los usuarios interesados en forma de servicio bajo demanda según el paradigma Cyber Range-as-a-Service (CRaaS). De esta forma, los usuarios interesados podrán explotar el conjunto de herramientas ofrecidas en el marco de esta PdC, como por ejemplo infraestructura física y virtual, cursos de formación (p.ej., cyber situational awareness, gestión de riesgo, seguridad de la información, etc.), como un servicio remoto mantenido por el equipo solicitante.
La autenticación continua en dispositivos móviles, como su nombre indica, pretende identificar al propietario (o propietarios) de un determinado dispositivo en todo momento y no de forma puntual, como lo hacen los sistemas tradicionales. El beneficio principal de la autenticación continua es la mejora de la experiencia de los usuarios cuando hacen uso de los servicios o aplicaciones en sus dispositivos móviles. Concretamente, este tipo de autenticación evita el tener que recordar o “poseer” algo cuando se quiere acceder a una aplicación o servicio que requiere autenticación. En este sentido, tener autenticado al usuario de forma permanente aumenta la seguridad del dispositivo, además de permitir que la interacción del usuario con aplicaciones sea mucho más fluida, sencilla y satisfactoria. Así, la prueba de concepto (PdC) que se propone en este proyecto está orientada a la implementación y validación de una aplicación para dispositivos móviles que permitirá la autenticación continua del propietario (o propietarios) en base a su comportamiento con el dispositivo.
Partiendo de las líneas sistemas de Aprendizaje (con y sin incertidumbre) y de Optimización junto con el análisis relacionadas con diversos aspectos de loss de decisiones y sistemas cooperativos inteligentes, que se fijan en la descripción del grupo, se han creado nuevas áreas de trabajo como los sistemas de DataMining, el modelado difuso, los sistemas de manejo de la imperfección, DataMining aplicada a Meta-heurísticas Cooperativas y los sistemas de Optimización aplicados a Inteligencia Ambiental. Por otra lado, partiendo de las líneas de investigación relacionadas con diversos aspectos de las redes, servicios distribuidos y los servicios telemáticos, que se fijan en la descripción del grupo se han creado nuevas áreas de trabajo como los Sistemas de Agentes aplicados a Inteligencia Ambiental y los Sistemas Adaptativos en redes Móviles, así como los Entornos Colaborativos, y Seguridad en redes IPv6, Telemática aplicada los sistemas Inteligentes de Transportes (ITS) y Servicios en redes móviles y ad-hoc.
This project aims to develop a framework, called RESERVE, designed to uniquely identify each device deployed in a crowdsensing or Industrial IoT (IIoT) platform in a distributed and robust manner, solving possible security threats based on device impersonation or malicious deployment. The proposed framework is based on hardware device fingerprinting and the generation of ML/DL models to identify the sensors as well as possible malicious elements affecting the identification process robustness.
This project aims to develop a framework, called TREASURE, designed to uniquely identify each sensor in a crowdsensing or Industrial IoT (IIoT) platform, solving possible security threats based on sensor impersonation or malicious sensor deployment. The proposed framework is based on device analysis and the generation of ML/DL models to identify the sensors as well as possible malicious elements affecting the identification process robustness.
El proyecto PRÓXIMA creará un Modelo de Referencia constituido por Bloques Funcionales que estarán interconectados entre sí de cara a gestionar de manera inteligente y eficiente procesos industriales a partir de una explotación de datos del producto producido, del proceso productivo, de la planta de producción y de la fábrica en su globalidad, empleando a tal fin capacidades cognitivas tales como la Inteligencia Artificial Explicativa e Interpretativa, todo ello de cara a disponer en un futuro próximo en España de Fábricas Nativamente Inteligentes capaces de asegurar una industria económica y medioambientalmente sostenible y centrada en el trabajador, minimizando asimismo la aparición de brechas digitales.
INSURANCE aims to develop a framework, called INSURANCE, to identify misbehaving or malicious sensors in the ElectroSense platform. The proposed framework is based on a central entity which receives sensor information and different measurements and generates ML/DL models to detect attacks to/from sensors as well as to the ElectroSense platform itself. In particular, anomalous sensors will be identified based on their fingerprinting and the analysis of the data they send.
LAGA is part of a bigger project that is taking place at the MIT Playful Journey Lab on the design and implementation of game-based assessment in K12 schools. In this regard, LAGA entails the design of the data infrastructure and the development of the learning analytics and assessment machinery models to perform such game-based assessment.
SOUNDS aims to analyse the ElectroSense distributed platform for drawing its assets and requirements in terms of securing the communications channels, provide a state-of-the-art detailed review and comparison of solutions concerning communications security capabilities, taking into account the ElectroSense distributed platform and report on a proposal for a technical solution describing at the design level how to deploy mechanisms and protocols for securing the transfer of spectrum data for further processing in ElectroSense.
Minsait Cyber Range is one of the most advanced cyber-training solutions on the market. It has been designed by Indra to support intensive individual and group training in techniques and tactics related to cyberdefense, cyber attacks and forensic analysis. The solution has been used in different CyberCamps organized by the Spanish National Cybersecurity Institute (INCIBE).
The Cátedra SAES-UMU initiative is created in the context of the continuous improvement process of the company, paying special attention to increasing the current quality level of the internal software development processes. It is based on several years of continuous collaboration between SAES and the University of Murcia, that since 2006 are collaborating in common projects and initiatives. This initiative is also the base for current and future research and knowledge transfer activities in the context of open-source software and real time and critical applications and services.