Trustworthy, secure and reliable ICT systems are crucial for a wide take up of converging digital services and a global requirement for the reliable and undisturbed functioning of our information society.
In this scenario, the Cybersecurity (CS) lab is an interdisciplinary group that conducts research in trust, security and privacy domains for the improvement of information technology security, as well as the increase of trust and dependability in systems and services.
Our ambition is to coherently address security, trust and privacy from a technological perspective, in an effort to ensure innovation in the field of secure software development, secure service composition, and secure service delivery. The goal is to find solutions for ensuring the security of citizens and organizations from threats such as terrorism, natural disasters and crime, while respecting fundamental rights, such as privacy.
Our research areas include, among others: cyber security, compliance & policy management, secure software engineering, security in virtualized environments, automated reconfiguration of security and high performance Security Information and Event Management (SIEM) systems.
- Innovative security mechanisms (e.g. dynamic or adaptive features).
- Compliance & Policy Management.
- Security event and information management infrastructure (e.g. evidence-based policy enforcement, including security/privacy event monitoring, collection and assessment).
- Security methodologies and frameworks (e.g. risk assessment and secure software development).
- CyberSecurity: fight against malware and botnets, improved resilience against cyber threats.
- Security of IoT and IIoT devices.
- Critical Infrastructures protection
- Security in shared service applications and infrastructures such as Cloud.
- Applying Machine Learning to Advance Cybersecurity Analytics.
- Security & Privacy in Social Networks.
- Security of ICT in large distributed IT systems (sensor networks, interconnected critical infrastructures).
- Information exchange, interoperability and data fusion for situational awareness.
- Context-aware security and context-aware privacy protection.
- Digital forensics (e.g. forensics in Cloud).
- IoT/IIoT Security
- Distributed Ledger Technology & Cybersecurity.
- Machine Learning for Cybersecurity Analytics.
- Trust (establishment of trust relations, management of trust).
- High Performance Security Information and Event Management (SIEM).
- High Performance Compliance Management, including: Evidence Collection, Compliance Assessments and Accountability.
- Privacy by Design, Context-aware privacy enhancement and privacy preservation.
- Security for Virtualized environments.
- Secure Software Engineering.
- Automated Reconfiguration of Security.
- Risk and cost-driven security decision making.
- Prevention of crime and efficient collaboration of police forces.
- Data protection technologies and applications.
- Botnets detection and mitigation.
A holistic solution enabling trust and security by-design for Cyber Physical Systems (CPS) based on IoT and Cloud architectures.
Creation of an unified security framework that orchestrates state-of-the-art heterogeneous security products to offer high levels of protection in Information Technology and Operational Technology departments of Critical Infrastructures.
Creation of a digital automation framework that optimizes the manufacturing processes by exploiting existing data, knowledge and tools to increase productivity and dynamically adapt to changing market requirements.
Enhance existing SIEM systems with diversity-related technology to improve the quality of events collected, add support for collecting infrastructure-related information, create new ways for visualising the information, and allow the use of multiple storage clouds for secure long-term archival.
Develop a cost-effective suite of cyber-security tools to support SMEs in managing network information, security risks and threats while identifying opportunities for implementing secure, innovative technologies for the digital market.
Focuses on the strategic, tactical and operational protection of critical water infrastructures against physical and cyber threats by bringing together a strong team of partners from Europe and Israel to develop solutions to the most pressing threats.
Unified framework where resulting primitives are integrated, while following the end-to-end security principle as closely as allowed by functional and non-functional requirements.
Place cyber-risk management at the heart of good business practice, benefiting multiple stakeholders through the provision of a cyber-risk management framework able to assess, monitor and mitigate risks in real-time, in multiple industries.