European Cybersecurity Research and the SerIoT Project

Traditional "network-centric" cyber defenses intend to prevent a thief from reaching data, while new "data-centric" cyber defenses assume the thief will reach it. The new defenses make information hard to find and impossible to read. The difference between the old and new approaches is profound. By changing the balance of power between predator and prey, it introduces a new priceperformance curve for cyber security.

Security Risk Management for the Internet of Things: Technologies and Techniques for IoT Security, Privacy and Data Protection, 2020

Cyberattacks on the Internet of Things (IoT) can be the source of major economic damage. They can disrupt production lines, manufacturing processes, and supply chains. They can adversely impact the physical safety of vehicles and transportation systems, and damage the health of living beings both through supply chains for food, medicines, and other vital items, as well as through direct attacks on sensors and actuators that may be connected to vital functions. Thus, securing the IoT is of primary importance to our societies. This paper describes the technical approach that we adopt for IoT security in the SerIoT Research and Innovation Project that is funded by the European Commission. We first discuss the risk scenario for the IoT and briefly review approaches that have been developed to mitigate such risks. Then, we discuss a policy-based lightweight approach that mitigates risks at the level of the attachment of IoT devices to a network. We follow this with a detailed proposal based on using a distributed Machine Learning approach to risk and attack detection in real time, as well as suggestions for future work.

Springer eBooks, 2018

The Internet of Things (IoT) was born in the mid 2010's, when the threshold of connecting more objects than people to the Internet, was crossed. Thus, attacks and threats on the content and quality of service of the IoT platforms can have economic, energetic and physical security consequences that go way beyond the traditional Internet's lack of security, and way beyond the threats posed by attacks to mobile telephony. Thus, this paper describes the H2020 project "Secure and Safe Internet of Things" (SerIoT) which will optimize the information security in IoT platforms and networks in a holistic, cross-layered manner (i.e. IoT platforms and devices, honeypots, SDN routers and operator's controller) in order to offer a secure SerIoT platform that can be used to implement secure IoT platforms and networks anywhere and everywhere.

Cyber Security of Critical Infrastructures in Smart Cities, 2019

Smart city is a trending topic that many researchers from different disciplines are interested in. Even though it is supposed to be a study field of public administration, it has also technical dimensions which are focused on by researchers from engineering sciences. On the other hand, there is a security dimension of smart cities which has a boundary that includes multidisciplinary contributions. The security of cities has been an essential issue throughout the ages, but with the emergence of smart cities, the development of internet and communication technologies, and as a consequence of interconnection of critical infra structures in the smart cities, a new dimension of security has been emerged as the headline of security studies. This headline is cyber security. This study aims to investigate cyber security issues in smart cities particularly focusing on critical infrastructures and presents a recommendatory model for providing cyber security of critical infrastructures in smart cities.

International Cybersecurity Law Review

Over the last decade, the European Union (EU) has demonstrated a consistent determination to promote a global, open, stable, and secure cyberspace for everyone. A structured (and chronological) review of key EU documents, reports, and directives on cybersecurity shows that the recommendations from the relevant EU institutions (Parliament, Commission, Council) have been persistent over time, reiterating the same core issues that seem to not yet have been solved after a decade of debates and experts’ advice. Since at least 2012, EU institutions have identified the two domains that are under constant critical observation for the deployment of a coordinated European cybersecurity approach—gaps in policies and poor integration—while the European fundamentals of cybersecurity (both human and physical) have been consistently seen as an asset rather than a liability. However, the progressive de-professionalization of coding that tends to blur the distinction between amateurs and professiona...

Cybersecurity in the EU: Threats, Frameworks and future perspectives, 2019

For several years now, as technology integrates into our lives, security of individuals, organizational and states is challenged by high-profile cyber incidents. Particularly, as the digital era began, it brought new possibilities and positive prospects for communication, trade and businesses. It provided easier and faster access, alleviated transport and several services. More and more daily activities and transactions are conducted through the use of Internet and technological devices. Soon challenges, threats and risks developed in the cyber space, rooted in the acceleration of technology. Virtual attacks are threatening government institutions, critical infrastructure. Sensitive information or personal data are exposed. The digitalization overall can create more fragile and exposed to dangers societies. Obviously, with the utilization and expansion of cyberspace, its security has been addressed as highly important for governmental and non-governmental actors. Over the past years, the European Union has acknowledged the increasing threats deriving from the nature of our digitally driven world, the reliance on automation and the connection to data. Thus, the EU wants to take the responsibility of cyber security in its own hands by shaping a comprehensive and integral cyber security strategy for its member states as an effort to strengthen the resilience of cyberspace, mitigate the cyber threats and explore all the benefits of digital transformation. This paper explores the territory of cyber security in the European Union. In the first place, it reflects on the challenge of defining “cybersecurity” by the European Union. Secondly, it maps the cyber security threats which pressed EU to shape a cyber security strategy. Then, it aims to identify the main cyber security capabilities, frameworks and tools of the EU. The last sectionfeatures the future steps of the European Union towards cyber security and reveals some challenges that the EU member states face in order to achieve a common cyber security policy and cyber security management at the EU level.

The Cyber Strategy & Policy Brief aims at raising the reader’s awareness on these issues, by monthly analysing the main international events in order to highlight the trends of cyber threats and the lessons learned that might be useful to protect national security. Keywords: Cyber Command, Cyber Intelligence, Cyber Warfare, Israel, Israel Defense Forces, Italian Joint Command for Cyberspace Operations, Italian Joint C4 Command, Italy, NATO, Strategy, Ukraine, Ukraine National Cybersecurity Coordination Centre.

Sensors

Cities have grown in development and sophistication throughout human history. Smart cities are the current incarnation of this process, with increased complexity and social importance. This complexity has come to involve significant digital components and has thus come to raise the associated cybersecurity concerns. Major security relevant events can cascade into the connected systems making up a smart city, causing significant disruption of function and economic damage. The present paper aims to survey the landscape of scientific publication related to cybersecurity-related issues in relation to smart cities. Relevant papers were selected based on the number of citations and the quality of the publishing journal as a proxy indicator for scientific relevance. Cybersecurity will be shown to be reflected in the selected literature as an extremely relevant concern in the operation of smart cities. Generally, cybersecurity is implemented in actual cities through the concerted applicatio...

The "Cyber Strategy & Policy Brief" aims at raising the political leadership and reader’s awareness on the cyber-security issues, by monthly analysing the main international events, in order to highlight the trends of cyber threats and the lessons learned that might be useful to protect national security. The keywords of this volume are: Active Cyber Defence, China, Cyber Warfare, Deterrence, GCHQ, Israel, NSA, People’s Liberation Army, United Kingdom, Russia, United States, Strategy, U.S. Cyber Command, Ukraine.

J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 2021

Modern network and computing scenarios are characterized by a complex continuum spread across a variety of technological and administrative domains. For instance, cloud infrastructures are used to offload personal devices, IEEE 802.11 and 4G/5G connectivity allow ubiquitous mobility, and low-power communications and edge/fog computing enable to integrate cyber-physical systems in the daily routine. Moreover, software platforms are not characterized anymore by clear and precise technological and functional boundaries. In fact, modern smart services often span over multiple actors, e.g., product vendors, telcos, proprietary Software-as-a-Service deployments, as well as several nations (possibly with incompatible laws). As a consequence, the Internet is a mixed collection of IoT devices, traditional hosts, wearable and mobile devices as well as individuals. Needles to say, its increasing human-centric nature accounts for a huge load of sensitive data, which can be considered one of the...

2016

s of the Papers Presented at the 15th European Conference on Cyber Warfare and Security

Challenges in Cybersecurity and Privacy - the European Research Landscape, 2019

1617-security en.pdf 9.2 Research Challenges Addressed 183 tackle LEAs needs in terms of prevention and action regarding terrorist social media online activity. The novelty the project brings is combining these technologies for the first time in an integrated solution that will be validated in the context of five LEAs. The consortium was designed to gather together all required capabilities and expertise that sustain the development of RED-Alert solution:

The Cyber Strategy & Policy Brief aims at raising the reader’s awareness on these issues, by monthly analysing the main international events in order to highlight the trends of cyber threats and the lessons learned that might be useful to protect national security. Keywords: Cyber Command, Cyber Intelligence, Cyber Warfare, Denmark, Deterrence, GCHQ, Iran, Marine Corps, Strategy, Syrian Electronic Army, United Kingdom, United States.

Lecture Notes in Computer Science, 2009

2015

It may be beneficial to the community of scholars in general and the members of Association of Information Systems (AIS) – Special Interest Group on Security and Privacy (SIGSEC) to coordinate research activities to achieve accomplishments that are beyond the scope of individual scholars as well as having the possibility to solve problems that are of value to both academics and practitioners. The Bright Blue Cybersecurity (BBC) research project seeks to develop a set of research goals in the area of cybersecurity and then devise strategies to coordinate efforts of both current and future scholars who wish to participate.