PALANTIR aims at bridging the gap between large enterprises and SMEs/MEs, by providing multi-layered, infrastructure-wide threat monitoring, cyber-resiliency and knowledge sharing in a heterogeneous ecosystem, while at the same time being able to market these services to third parties in the form of Security-as-a-service (SECaaS). PALANTIR will implement a coherent privacy assurance, data protection, incident detection and recovery framework, focusing on the case of highly dynamic service-oriented systems and networks, taking advantage of their inherent programmability features and abstractions. PALANTIR will also focus on cyber-resiliency leveraging the features of service-oriented systems key building features by a) applying and exploiting Network Functions Virtualization (NFV) and Software-Defined Networking (SDN) technologies; b) considering emerging paradigms such as the application of scalable artificial Intelligence, standardization and threat-sharing techniques to risk analysis, network operation, monitoring and management and c) ensuring the SME’s compliance with the relevant data privacy and protection regulations in the data breach age, implementing the «Privacy by Default» and the «Privacy by Design» principles on how personal data is collected, used, transferred and stored between 3rd party businesses and entities. The end result will be an evolving, expandable and unified framework, tailored to the individual needs of every SME and ME, reducing the complexity level of usual security tools while still being affordable and thus attractive for adoption.
5GZORRO uses distributed Artificial Intelligence (AI) to implement cognitive network orchestration and management with minimal manual intervention (Zero-Touch Automation). Distributed Ledger Technologies (DLT) are adopted to implement flexible and efficient distributed security and trust across the various parties involved in a 5G end-to-end service chain. With these, an evolved 5G Service Layer can be implemented for Smart Contracts among multiple non-trusted parties, to allow SLA monitoring, spectrum sharing, intelligent and automated data-driven resource discovery and management.
5G-CAGE builds on monitoring and analysis of video streams collected from heterogeneous and distributed sources in Smart City deployments with the aim of providing advanced features for early detection of specific city safety elements not currently supported by the 5GINFIRE platform and capabilities. To this end, 5G-CAGE plans to provide to 5GINFIRE a new VxF, called City Object Detection (CODet)
BotsOnFIRE is intended to demonstrate how an autonomic solution based on a combination of NFV orchestration and SDN applications can be dynamically and automatically adapted in case of cybersecurity threats (e.g. bot agents from a botnet) affecting devices which can move across different domains.
The SELFNET project designs and implements an autonomic network management framework to achieve self-organizing capabilities in managing network infrastructures by automatically detecting and mitigating a range of common network problems that are currently still being manually addressed by network operators, thereby significantly reducing operational costs and improving user experience.
The SMARTIE project works on security, privacy and trust for data exchange between IoT devices and consumers of their information. Results are demonstrated in smart cities in Germany, Serbia and Spain. Further partners are from Portugal and the UK.
The aim of the AU2EU project is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions.
ATTPS supports TDL (www.trustindigitallife.eu) in addressing the relationship and balance between the business, legal, social and technical aspects of a public trust platform as well as pragmatic actions such as developing and the testing of generic trust architectures and integration pilots. ATTPS strengthens TDL’s road-mapping by implementing and supporting the SRA and actively contributes to the awareness raising for trustworthy ICT solutions.
HBB-NEXT will lay the foundations for advanced hybrid multi-user services by building upon existing standards and by enhancing them.The project seeks to facilitate the convergence of the broadcast and Internet world by researching user- centric technologies for enriching the TV-viewing experience with social networking, multiple device access, group-tailored content recommendations, as well as the seamless mixing of broadcast content, of complementary Internet content and of user-generated content.
IoT-A, the European Lighthouse Integrated Project addressing the Internet-of-Things Architecture, proposes the creation of an architectural reference model together with the definition of an initial set of key building blocks. Together they are envisioned as crucial foundations for fostering a future Internet of Things. Using an experimental paradigm, IoT-A will combine top-down reasoning about architectural principles and design guidelines with simulation and prototyping to explore the technical consequences of architectural design choices.
The Florence* (Multi Purpose Mobile Robot for Ambient Assisted Living) project aims to improve the well-being of elderly (and that of his beloved ones) as well as improve efficiency in care through AAL services supported by a general-purpose robot platform. The Florence system with its multipurpose mobile robot platform will pioneer the use of such robots in delivering new kinds of AAL services to elderly persons and their caretakers. The main objective is to make this concept acceptable for the users and cost effective for the society and care givers.
The main goal of SEMIRAMIS is to pilot, in different scenarios, the infrastructure whose major function is to enable the safe, secure and seamless transfer of relevant data to clearly identified users. This will occur in full adaptation and within the limits of the context in which this data is needed for the provision of requested e-services. It will provide an easy-to-implement and easy-to-use solution for single sign-on and secure access to services on which novel offerings can be easily deployed.
SENSEI creates an open, business driven architecture that fundamentally addresses the scalability problems for a large number of globally distributed WS&A (wireless sensor and actuator) devices. It provides necessary network and information management services to enable reliable and accurate context information retrieval and interaction with the physical environment. By adding mechanisms for accounting, security, privacy and trust it enables an open and secure market space for context-awareness and real world interaction.
SWIFT aims to leverage identity technology as a key to integrate service and transport infrastructures for the benefit of users and providers. It focuses on extending identity functions and federation to the network while addressing usability and privacy concerns. SWIFT aims to build on considerable identity management work that has already been done in standards and in multiple R&D projects.
Current interconnection of «things» to the Internet (IoT) has grown significantly in the last years, foreseeing 20 billion of these things by 2020. Internet security constitutes an strategic action for organizations, governments and even individuals, so the security of interconnected «things» requires our attention too. Thus, in this project we will revise the security conditions of such «things» in order to propose a cyber security architecture for IoT systems entailing a holistic security paradigm for the protection of information assets. Such solution should be easy to follow by technology developers, IT areas and users, strengthening this way the technological environments of organizations, as well as the individuals using them. Additionally, we will document such know-how so that we can disseminate the acquired knowledge and describe a potential application of the outcomes over an e-Health scenario.
The management of information security and the protection of information assets deserve a constant attention by those organizations handling highly critical information. SIEM solutions provide a way to tackle this issue by means of security event management functionalities allowing the detection of security incidents that occurred in the past or happening right now and making the organizations able to generate countermeasures to diminish the impact of an incident. Besides the utility of these solutions, its application to SMEs and in public sector entities has not succeeded yet mainly due to the high cost of a SIEM solution and the lack of technical skills required for its deployment, configuration and roll-out. This project intends to generate a SIEM solution prototype that can be used in real scenarios to protect critical information assets exposed to common security threats, without a high economic investment from the organizations benefiting from it. Additionally, all the generated know-how will be documented aiming at disseminating all the lessons learnt and to describe a potential application scenario in the context of e-Health.
En este proyecto se desarrollarán módulos de simulación de tráfico y topologías de red, y de amenazas avanzadas persistentes (APTs) hiperrealistas que simulen de forma efectiva escenarios realistas. En segundo lugar, se utilizará un Cyber Range para integrar dichos módulos de simulación, con un módulo que permita el desarrollo de escenarios de cibermaniobras plantilla parametrizables y aleatorizables, que otorgue flexibilidad al instructor y escenarios desafiantes para el estudiante. En tercer lugar, se integrará al Cyber Range elementos de dos tecnologías educativas en alce actualmente, como la gamificación y el aprendizaje adaptivo, de manera que el proceso de aprendizaje sea más motivante y adaptado. Por último, se desarrollará un módulo de evaluación de competencias en ciberdefensa en función de la interacción de los estudiantes con las cibermaniobras. Las soluciones desarrolladas en este proyecto conformarán módulos independientes y un entorno de trabajo global, que tenga la capacidad de mejorar el entrenamiento en ciberdefensa con simulaciones hiperrealistas en escenarios que puedan variar en cada iteración y adaptarse dinámicamente a las características del estudiante, así como mejorar la motivación de los estudiantes para aprender en este entorno.
We propose an unified framework for combining cybersecurity and safety in manufacturing industrial environments. This framework, called SAFEMAN, is composed of a set of applications and services that monitor and analyse the cybersecurity and safety risks in real time. The individual risk assessments are collected and considered together in order to identify threats or deviations. If required, the framework takes specific actions in order to protect workers and equipment, and develops the adequate response mechanisms to ensure the reliability of the industrial processes.
The COSMOS project, funded by a Leonardo Grant awarded by the BBVA Foundation, intends to develop novel and innovative solutions aimed at providing sophisticated protection mechanisms within the context of the Internet of Things (IoT). In this regard, its overall and main goal lies in the development of the so-called collaborative, seamless and adaptive sentinels. Such sentinels would seamlessly sense their environment, automatically identifying all those devices in the nearby to be potentially protected. Once the appropriate devices have been selected, the sentinels would adapt themselves in order to become experts in the protection of such specific devices against cyber-attacks. Last but not least, in case a new device to be protected comes into play and the assigned sentinel does not know how to protect it, the sentinel would ask for such protection knowledge to other collaborative sentinels in the community.
Furthermore, the IoT sentinels would not only focus on detecting intrusions, but rather cover the four phases of the cyberdefense, namley: prevention, detection, reaction and forensics.
Materialized in two different forms (dedicated and virtual), the sentinels in the context of COSMOS would operate in a Smart Home scenario, where a number of heterogeneous devices can be found (PCs, laptops, smartphones, electrical appliances, wearables, etc.).
The DHARMA (Dynamic Heterogeneous threAts Risk Management and Assessment) project aims to provide a framework for the achievement of an efficient Dynamic Risk Management and Assurance in ICT environments taking into account new types of threats known as APTs (Advanced Persistent Threats). These threats are characterised for not using just the classical means of penetration based on software vulnerabilities, but a combination of heterogeneous attack vectors customized for the organization and its employees, including the use of physical intrusions, employees deception, sensitive information abuse, side channels, etc. Thus, the current methodologies cannot manage adequately this dynamicity, with changes in context being a possible symptom of a new vulnerability and implying a potential modification in the list of risks identified for the organization.
The DHARMA project is devoted to provide an answer to this shortcoming, proposing a multilevel architecture where a remarkable number of heterogeneous sensors will capture any change in the organization context (not just traditional network attacks, but any type of context change), namely: variations in the normal usage of systems and networks, electric consumption deviations, physical security incidents with presence detectors and video surveillance, ambient sensors, social networks activity sensors, and even the characterization of labour unrest in the organization in order to anticipate possible insider attacks by malicious employees.
The main objective of the RECLAMO project is the research on novel approaches for reacting to network attacks. So, the project will try to go beyond the classic Intrusion Detection Systems approach, based on intrusion detection and basic reactions, and will define, develop and validate an intelligent Automatic Intrusion Response System able to generate new and advanced reactions, with a special focus on the so-called «deception-based» responses: the diversion of the attack to a dynamically ad-hoc generated honeynet for the attack to be adequately confined in order to mitigate it and learn from it. In this approach, a detected intrusion will be analysed in real time using a model of intrusions, responses and security metrics formally defined with formal knowledge and behaviour definition languages, which allow triggering an inference process from the detected intrusion.
The work proposed in this project is aimed at creating a framework that meets the needs for communication and for the infrastructure to provide dedicated services to end-user in ubiquitous vehicular environments. The vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) communications will have a special relevance in this project. Various communication technologies will be exploited, mainly vehicular ad-hoc networks (VANET) and networks with infrastructure, whose main representative are 3G cellular networks. We will study the feasibility of such technologies in the area of vehicles; explore new strategies for modeling networks in VANETs, and directing all development towards an integrated environment for a communicating vehicle. In this regard, special attention will be given to provide a common communication interface, isolating the user from handoffs or changes that may occur between different network technologies.
La autenticación continua en dispositivos móviles, como su nombre indica, pretende identificar al propietario (o propietarios) de un determinado dispositivo en todo momento y no de forma puntual, como lo hacen los sistemas tradicionales. El beneficio principal de la autenticación continua es la mejora de la experiencia de los usuarios cuando hacen uso de los servicios o aplicaciones en sus dispositivos móviles. Concretamente, este tipo de autenticación evita el tener que recordar o “poseer” algo cuando se quiere acceder a una aplicación o servicio que requiere autenticación. En este sentido, tener autenticado al usuario de forma permanente aumenta la seguridad del dispositivo, además de permitir que la interacción del usuario con aplicaciones sea mucho más fluida, sencilla y satisfactoria. Así, la prueba de concepto (PdC) que se propone en este proyecto está orientada a la implementación y validación de una aplicación para dispositivos móviles que permitirá la autenticación continua del propietario (o propietarios) en base a su comportamiento con el dispositivo.
Partiendo de las líneas sistemas de Aprendizaje (con y sin incertidumbre) y de Optimización junto con el análisis relacionadas con diversos aspectos de loss de decisiones y sistemas cooperativos inteligentes, que se fijan en la descripción del grupo, se han creado nuevas áreas de trabajo como los sistemas de DataMining, el modelado difuso, los sistemas de manejo de la imperfección, DataMining aplicada a Meta-heurísticas Cooperativas y los sistemas de Optimización aplicados a Inteligencia Ambiental. Por otra lado, partiendo de las líneas de investigación relacionadas con diversos aspectos de las redes, servicios distribuidos y los servicios telemáticos, que se fijan en la descripción del grupo se han creado nuevas áreas de trabajo como los Sistemas de Agentes aplicados a Inteligencia Ambiental y los Sistemas Adaptativos en redes Móviles, así como los Entornos Colaborativos, y Seguridad en redes IPv6, Telemática aplicada los sistemas Inteligentes de Transportes (ITS) y Servicios en redes móviles y ad-hoc.
INSURANCE aims to develop a framework, called INSURANCE, to identify misbehaving or malicious sensors in the ElectroSense platform. The proposed framework is based on a central entity which receives sensor information and different measurements and generates ML/DL models to detect attacks to/from sensors as well as to the ElectroSense platform itself. In particular, anomalous sensors will be identified based on their fingerprinting and the analysis of the data they send.
LAGA is part of a bigger project that is taking place at the MIT Playful Journey Lab on the design and implementation of game-based assessment in K12 schools. In this regard, LAGA entails the design of the data infrastructure and the development of the learning analytics and assessment machinery models to perform such game-based assessment.
SOUNDS aims to analyse the ElectroSense distributed platform for drawing its assets and requirements in terms of securing the communications channels, provide a state-of-the-art detailed review and comparison of solutions concerning communications security capabilities, taking into account the ElectroSense distributed platform and report on a proposal for a technical solution describing at the design level how to deploy mechanisms and protocols for securing the transfer of spectrum data for further processing in ElectroSense.
Minsait Cyber Range is one of the most advanced cyber-training solutions on the market. It has been designed by Indra to support intensive individual and group training in techniques and tactics related to cyberdefense, cyber attacks and forensic analysis. The solution has been used in different CyberCamps organized by the Spanish National Cybersecurity Institute (INCIBE).
The Cátedra SAES-UMU initiative is created in the context of the continuous improvement process of the company, paying special attention to increasing the current quality level of the internal software development processes. It is based on several years of continuous collaboration between SAES and the University of Murcia, that since 2006 are collaborating in common projects and initiatives. This initiative is also the base for current and future research and knowledge transfer activities in the context of open-source software and real time and critical applications and services.