CYBER-TRUST – Protection with the innovative cyber-threat platform

The CYBER-TRUST project is working to develop an innovative cyber-threat intelligence gathering, detection, and mitigation platform

As well as working towards an advanced cyber-threat intelligence gathering, detection, and mitigation platform, The CYBER-TRUST project as well as, to perform high quality interdisciplinary research in key areas for introducing novel concepts and approaches to tackle the grand challenges towards securing the ecosystem of IoT devices. The high level project objectives, which summarise the specific challenges of the work programme are:

To create a new paradigm for the next generation cyber-security systems, especially suited for the IoT, that will greatly increase the capability of CIIs to counter threat actors and their methods.
To quickly detect and effectively respond to/mitigate sophisticated cyber-attacks by advancing the current state-of-the-art of numerous existing techniques and by introducing new ones.
To deliver advanced solutions for collecting forensic information from the defending systems in order to identify the attackers and further use it as evidence in court.
To minimise the impact on sensitive data protection and user’s privacy of the proposed tools and methods by addressing any issues during the design and the development phases.

To reach a novel solution and achieve the high-level objectives, a number of concrete technological objectives (TO) need to be overcome. These have been widely recognised to be the cornerstone towards securing the IoT22, but they have also been suggested as top priority controls that organisations should implement to attain the most immediate impact on preventing cyber-attacks.

Center for Security Studies – Hellenic Police KEMEA

The Center for Security Studies – KEMEA is a think tank on homeland security policies and an established research centre since 2005 (L. 3387/2005) within the Hellenic Ministry of Interior and Administrative Reconstruction (former Ministry of Public Order and Citizen Protection), aiming to support security policy implementations in Greece at a strategic level. More specifically, the activity of KEMEA includes: (a) the certification of practitioners of private security professionals at the national level, (b) research and development in context of National and European projects in close cooperation with LEAs, working under the auspices of the Ministry of Interior, and (c) training of practitioners in new systems and technologies. The centre also provides advisory and consulting services to the Ministry of Interior as well as to other public and private authorities on safety and security issues.

Role in the project: As the coordinator of CYBER-TRUST, KEMEA will ensure the overall project management and take responsibility for mediation, on behalf of the consortium, with the European Commission. KEMEA will also lead the pilot implementation and validation of the CYBER-TRUST platform.

University of Peloponnese

The Department of Informatics and Telecommunications, University of Peloponnese, is located in Tripoli, Greece, and belongs to the Faculty of Economy, Management and Informatics. Its mission is to cultivate the science and technology of computer information processing and information transmission systems as well as their applications. A contemporary undergraduate curriculum covering cutting-edge aspects in computing and telecommunications is offered, along with a number of graduate programs leading to MSc degrees and PhDs. The Department currently employs 28 full-time and visiting Faculty members and hosts more than 1200 undergraduate students, 200 postgraduate students, and 100 PhD candidates, as well as a large number of post-doctoral researchers and research associates participating in all its research activities. A broad national and international collaboration network has been developed that includes several companies and research groups.

Role in the project: UOP is technically leading the project and contributes in the cyber-threat landscape review, the development of key proactive technologies and cyber-threat intelligence, the development of solutions related to data privacy, and the security of blockchain-based solutions.

The Centre for Security, Communications and Network Research (CSCAN)

The Centre for Security, Communications and Network Research (CSCAN) is an established research group, comprising staff from the School of Computing, Electronics and Mathematics at the University of Plymouth. Since 1984 the centre has operated under a number of names as the scope of our research has extended. CSCAN has a proven research pedigree, including both collaborative work with industry and participation in European research initiatives. The work has led to many successful postgraduate projects, as well as numerous publications.

Role in the project: CSCAN will lead WP6 and WP9. WP6 work will be focused upon the DDoS/RoQ attacks on network using deep packet inspection, network anomaly detection and protocol analysis to export the features needed to identify these attacks. In WP9, CSCAN is responsible for defining the project’s dissemination strategy.

Vrije Universiteit Brussel

Vrije Universiteit Brussel (Belgium) is an internationally oriented university in Brussels, the heart of Europe. Through tailor-made high-quality research and education, VUB wants to contribute in an active and committed way to a better society for tomorrow. The multidisciplinary Research Group on Law, Science, Technology & Society (LSTS) of Vrije Universiteit Brussel was created in 2003 as an independent entity within the Faculty of Law & Criminology. With more than 30 researchers at all levels of experience, LSTS has become a prominent European research institute in the area of technology regulation.

Role in the project: VUB leads the Working Package 3 (WP3), concerning legal issues with emphasis on data protection and privacy. Project partner: Prof. Dr. Paul Quinn; Project participant: Olga Gkotsopoulou, LL.M.

Scorechain S.A.

Scorechain is a Luxembourgish Blockchain Startup established in 2015. With the aim to provide trust into crypto assets, the first product focuses on Bitcoin compliance. The Bitcoin Blockchain Analytics platform helps cryptocurrency exchanges, brokers, audit firms and private banks to track origin of funds and operate risk management as well as compliance procedures. In a due diligence perspective, Scorechain launched Scotix, an information platform that gathers quantitative and qualitative data to help cryptocurrencies asset managers in the investment decision making process. Scorechain has experts in Blockchain technologies since the startup has also implemented distributed ledger solutions in various major companies.

Role in the project: Scorechain is the expert in the Blockchain technology. We lead the work to implement a distributed technology to secure and enhance the CYBER-TRUST platform accountability (WP7). The aim is to assess and choose an efficient architecture to implement device authority management, device registration and secure storage of misbehaviour evidence.

Advanced Integrated Technology Solutions & Services ADITESS Ltd.

Advanced Integrated Technology Solutions & Services Ltd (http://www.aditess.com/) is a Cyprus-based SME established in 2011. ADITESS is a scientific, consulting, and research company whose purpose is to conduct theoretical and applied research and to produce studies, at strategic and tactical level, on issues concerning Security policies, Critical Infrastructure Protection, Aftermath on crisis events, Transportation security and Border management (monitoring and surveillance), modelling solutions and to develop state of the art applied Security Solutions in the above-mentioned areas. Their staff composed of dedicated and experienced professionals who have outstanding professional and academic experience in the area of security, and have been involved in EU Research Programs as well as national and international projects for several years. Consisting and cooperating with consultants – researchers with professional and academic experience and a long-standing history in proposal preparation, project management and R&D activities, ADITESS is at the forefront of our offering with clients stemming from a multitude of technological domains, such as Security, Defence, Information and Communication Technologies. Furthermore, a number of ADITESS researchers come with ex-military and ex-police forces background in IT Security, Electronic Warfare (EW) and Signal Intelligence (SIGINT) in large-scale National and International operations, over the last fifteen years. This field experience is enhanced by high academic knowledge especially in the security (IT, UAV systems, Electro-optics, Communication, etc.) system’s area.

Role in the project: ADITESS will serve as the system’s integrator in the project and will also ensure system deployment during the pilot execution. ADITESS will provide support to all technical and test case partners during the preparation, execution and evaluation of CYBER-TRUST. Additionally, ADITESS will also lead T6.2 for the implementation of solutions for device tampering detection and remediation. ADITESS as an SME will participate in dissemination and exploitation activities for the communication of CYBER-TRUST outcomes.

CGI Nederland B.V.

Founded in 1976, CGI is one of the largest IT and business process services providers in the world. With around 76,000 professionals globally, CGI helps clients become customer-centric digital organizations. CGI delivers high-quality business consulting, systems integration and managed services, complemented by more than 150 IP-based solutions and best-fit global delivery options, to support clients in lowering the costs of running their business and reinvesting savings into their digital transformation success. Since 1976, CGI has helped CGI military, law enforcement, homeland security, critical infrastructure and intelligence clients deliver large-scale, complex programs across logistics, operations, communications, intelligence, systems engineering, military health, training, simulation and infrastructure. CGI has earned a reputation for solving technically complex challenges in biometrics (where we also have our own intellectual property), cybersecurity, electronic warfare, C4ISR, secure hosting, cloud computing and systems integration. CGI is also leading solution architecture practice applying in all sectors and domains. CGI global cybersecurity and architecture practice also leverages investments in security innovation and expertise to accelerate new technology and tactics from research to test to operations. CGI offers flexible solutions that balance capability and cost, allowing agencies to deploy our cybersecurity expertise in the model best suited to their needs.

Role in the project: CGI is leading the design of the overall CYBER-TRUST platform architecture and development of a rapid prototype (WP4), guides the translation of legal recommendations into technical requirements, and is leading the project’s exploitation strategy.

Mathema S.R.L.

Mathema is a performing research ICT company active since 1987 whose main mission is to support very large public and private organisations and industries (i4.0) in the development of complex cyber-physical information systems, in the analysis and mining of large data sets, in enhancing resilience and security. In particular, the core activities and competencies span from Hyperledger Fabric, Virtual/Augmented reality, IoT/IoE Big Data Fusion and Mining, Social Intelligence/Deep Learning, Real-time Complex Event Processing and early warnings, mobile application. Mathema applies its competences in the fields of Government (e.g. Italian Ministry of Foreign Affarins and Intern, Tuscany Region, Civil Protection), Industry (i4.0), Health, Smart City, Safety, (Cyber)Security, Cultural Heritage, Business, etc. Mathema applies the System Thinking, Design thinking and Open Innovation 2.0 approaches cooperating with Public administrations, Research institutions and final users.

Role in the project: Within Cyber-Trust, Mathema is devoted to implement an Interactive 2D dashboard for IoT monitoring and an innovative 3D-VR IoT visualization tool for augmenting the capability of complex network inspection

Publications

Grammatikakis, K. P., Ioannou, A., Shiaeles, S., & Kolokotronis, N. (2018, August). WiP: Are Cracked Applications Really Free? An Empirical Analysis on Android Devices. In *2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech)* (pp. 730-735). IEEE. DOI: https://doi.org/10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00127,arXiv:
https://arxiv.org/abs/1903.04793
Bendiab, K., Kolokotronis, N., Shiaeles, S., & Boucherkha, S. (2018, August). WiP: A Novel Blockchain-Based Trust Model for Cloud Identity Management. In *2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech)*(pp. 724-729). IEEE. DOI: https://doi.org/10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00126, arXiv: https://arxiv.org/abs/1903.04767
Ali., M., Shiaeles, S., Ghita, B., Papadaki, M., Agent-based Vs Agent-less Sandbox for Dynamic Behavioral Analysis, 2018 Global Information Infrastructure and Networking Symposium (GIIS), GIIS2018, IEEE DOI: https://doi.org/10.1109/GIIS.2018.8635598, arXiv: https://arxiv.org/abs/1904.02100
Siracusano, M., Shiaeles, S., Ghita, B., Detection of LDDoS Attacks Based on TCP Connection Parameters, 2018 Global Information Infrastructure and Networking Symposium (GIIS), GIIS2018, IEEE DOI: https://doi.org/10.1109/GIIS.2018.8635701, arXiv: https://arxiv.org/abs/1904.01508
Gkotsopoulou, O., Charalambous, E., Limniotis, K., Quinn, P., Kavallieros, D., Sargsyan, G., Shiaeles, S., Kolokotronis, N.,Data Protection by Design for Cybersecurity Systems in a Smart Home Environment, In *2019 IEEE 1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures (SecSoft)*, Paris,France, June 24-28,2019 IEEE.
DOI: TBA. , arXiv: https://arxiv.org/abs/1903.10778
Baptista, I., Shiaeles, S., Kolokotronis, N., A Novel Malware Detection System Based On Machine Learning and Binary Visualization, In * 2019 1st International Workshop on Data Driven Intelligence for Networks and Systems (DDINS)*, Shanghai,China, May 20-24,2019, IEEE, DOI: TBA, arXiv: https://arxiv.org/abs/1904.00859
Brotsis, S., Kolokotronis, N., Limniotis, K., Shiaeles, S., Kavallieros, D., Bellini, E., Pavue, C., Blockchain Solutions for Forensic Evidence Preservation in IoT Environments, In * 2019 1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures (SecSoft), Paris, France, June 24-28,2019, IEEE, arXiv: https://arxiv.org/abs/1903.10770
Vassilakis, C., Blockchain technologies for leveraging security and privacy, In * 2019 Homo Virtualis 2, no. 1, pp.7-Special issue “Blockchain and disruptive technologies: Interdisciplinary perspectives”, ISSN: 2585-3899, March 2019, Homo Virtualis, DOI: 10.12681/homvir.20188
Kolokotronis, N., Limniotis, K., Shiaeles, S., Griffiths, R., Secured by Blockchain: Safeguarding Internet of Things Devices, In *2019 IEEE Consumer Electronics Magazine, vol.8, N.3, pp.28-34, May, 2019,IEEE,
DOI: https://doi.org/10.1109/MCE.2019.2892221 , arXiv: https://arxiv.org/abs/1903.04794
Constantinides, C., Shiaeles, S., Ghita, B., & Kolokotronis, N., (2019), A Novel Online Incremental Learning Intrusion Prevention System, In 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS). IEEE. DOI: TBA., arXiv: TBA