Cybersecurity

Addressing security, trust and privacy from a technological perspective, in an effort to ensure the security of citizens and organizations
Description: 

Trustworthy, secure and reliable ICT systems are crucial for a wide take up of converging digital services and a global requirement for the reliable and undisturbed functioning of our information society.

In this scenario, the Cybersecurity (CS) lab is an interdisciplinary group that conducts research in the trust, security and privacy domains for the improvement of information technology security, as well as the increase of trust and dependability in systems and services.

Goals: 

Our ambition is to coherently address security, trust and privacy from a technological perspective, in an effort to ensure innovation in the field of secure software development, secure service composition, and secure service delivery. The goal is to find solutions for ensuring the security of citizens and organizations from threats such as terrorism, natural disasters and crime, while respecting fundamental rights, such as privacy.

Our research areas include, among others: cyber security, compliance & policy management, secure software engineering, security in virtualized environments, automated reconfiguration of security and high performance Security Information and Event Management (SIEM) systems.

Main Activities: 
  • Innovative security mechanisms (e.g. dynamic or adaptive features).
  • Compliance & Policy Management.
  • Security event and information management infrastructure (e.g. evidence-based policy enforcement, including security/privacy event monitoring, collection and assessment).
  • Security methodologies and frameworks (e.g. risk assessment and secure software development).
  • CyberSecurity: fight against malware and botnets, improved resilience against cyber threats.
Challenges: 
  • Security in shared service applications and infrastructures such as Cloud.
  • Security & Privacy in Social Networks.
  • Security of ICT in large distributed IT systems (sensor networks, interconnected critical infrastructures).
  • Information exchange, interoperability and data fusion for situational awareness.
  • Context-aware security and context-aware privacy protection.
  • Digital forensics (e.g. forensics in Cloud).
Current Research Topics and Findings: 
  • Trust (establishment of trust relations, management of trust).
  • High Performance Security Information and Event Management (SIEM).
  • High Performance Compliance Management, including: Evidence Collection, Compliance Assessments and Accountability.
  • Privacy by Design, Context-aware privacy enhancement and privacy preservation.
  • Security for Virtualized environments.
  • Secure Software Engineering.
  • Automated Reconfiguration of Security.
  • Risk and cost-driven security decision making.
  • Prevention of crime and efficient collaboration of police forces.
  • Data protection technologies and applications.
  • Botnet detection and mitigation.

Projects

ACDC

ACDC - the Advanced Cyber Defence Centre

Bringing together organizations from 14 European countries, including public administrations, private sector and academia, in order to achieve a sustainable victory over a powerful cyber threat commonly known as botnet.

CIPSEC

Enhancing Critical Infrastructure Protection with innovative SECurity framework
H2020

Creation of a unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection in Information Technology and Operational Technology departments of Critical Infrastructures.

COMPOSITION

Ecosystem for Collaborative Manufacturing Processes - Intra- and Interfactory Integration and Automation
H2020

Creation of a digital automation framework that optimizes the manufacturing processes by exploiting existing data, knowledge and tools to increase productivity and dynamically adapt to changing market requirements.

DiSIEM

Diversity enhancements for security information and event management

The DiSIEM project aims to enhance existing SIEM systems with diversity-related technology. More specifically, we want to (1) enhance the quality of events collected, (2) add support for collecting infrastructure-related information from open-source intelligence data, (3) create new ways for visualising the information collected in the SIEM and provide high-level security metrics and models for improving security-related decision project, and (4) allow the use of multiple storage clouds for secure long-term archival of the raw events feed to the SIEM.

RERUM

REliable, Resilient and secUre IoT for sMart city applications
FP7

Architectural framework for dependable, reliable, and secure networks of heterogeneous smart objects supporting innovative Smart City applications.

TREDISEC

Trust-aware, REliable and Distributed Information SEcurity in the Cloud
H2020

Unified framework where resulting primitives are integrated, while following the end-to-end security principle as closely as allowed by functional and non-functional requirements.

VisiOn

Visual Privacy Management in User Centric Open Environments
H2020

Implementation of privacy platform software components leveraging existing software, tools and methodologies that partners have developed in previous projects.

WISER

Wide-Impact cyber SEcurity Risk framework
H2020

Action that puts cyber-risk management at the heart of good business practice, benefiting critical infrastructure and process owners, and ICT-intensive SMEs. Provision of a cyber-risk management framework able to assess, monitor and mitigate risks in real-time, in multiple industries.