PROTASIS - Restoring Trust in the Cyber Space: A Systems Security Proposal

Date: 
01/05/2016 to 30/04/2020

Introduction

Fueled by a string of high profile attacks and recent revelations about unprecedented cyber surveillance, interest in systems security is rising-not just among industry and governments, but even among individual citizens across Europe. Corporate organizations worry about the viability of their businesses, nation states about cyber attacks by other nation states or terrorist groups, and citizens about the trustworthiness of the ICT infrastructures.

We this project we address these cybersecurity issues by fostering collaborations via supporting researchers from European institutes to spend time with their American counterparts in top universities. We focus our research efforts on both advanced attacks (e.g., exploits, malware, and exfiltration techniques), and defenses (e.g., developing secure software and protecting resource-constrained devices).

Who is the project designed for?

The project focuses on technical vulnerabilities, cyberattacks and cyber-defenses. In this aspect most (all?) vertical sectors can benefit from it.
The stakeholders of the project are:

  • End users and EU citizens who will mainly receive the benefits of PROTASIS in the form of an increased protection level.
  • Policymakers in the EU will make use of the identified threat vectors and defense techniques to effectively target their efforts for cybersecurity and homeland defense.
  • Security vendors and service providers will be able to integrate and use parts of the produced research information to deliver better protection to their customers.
  • Businesses will be able to assess the impact of cyberattacks against critical business processes, as well as the potential impact of cyber-physical vulnerabilities. Also, they will be able to implement some of the defensive countermeasures to improve their resilience to cyberattacks.
  • Researchers both in the industry and in the academia will be able to get access to some of the collected data and metadata for their ongoing research, besides the obvious networking and publishing fallouts of the project.

How is your project benefitting the end-user?

End users will benefit through better research, superior awareness, and better products.

Please briefly describe the results your project achieved so far

The project so far has implemented several collaborations between the European partners (FORTH, Politecnico di Milano, VUA, RUB, Telefonica, and F-Secure) and the US partners (Columbia, MIT, Northeastern, UCSB, Stony Brook, UCSB, and Stevens IT). These collaborations have resulted in top publications in places such as EuroSec, WWW, IMC, IEEE S&P, etc.
The individual systems developed relate to:

  • Vulnerabilities in industrial control systems
  • Vulnerabilities in smartphones
  • Vulnerabilities and defenses in web browsing and cookie management
  • Attacks in code randomization approaches
  • Bypassing control-flow-based defenses

What are the next steps for your project?

The next two years the project will focus on secondments and collaborations that relate to the protection for the IoT, the protection of the user’s privacy, as well as understanding the mechanisms and the impact of cyberattacks.

Week: 
Thursday, 22 March, 2018

News

Call for experts for a group on liability and new technologies

The European Commission has launched a call for experts for a group on liability and new technologies. The deadline for application is 30 April 2018.

New technologies such as artificial intelligence, advanced robotics and the Internet of Things bring enormous opportunities in various fields (transport, healthcare, agriculture, manufacturing). At the same time they could raise challenges related to liability, which is why the Commission wants to initiate a discussion on the way forward.

The main tasks of the Expert Group will be:

Events

26/04/2018
Brussels - Concertation Meeting, 26/04/2018

The registration is open for the first Cyberwatching.eu Concertation meeting, Brussels, 26 April 2018.

08/05/2018
Free and Safe in Cyber Space conference

Free and Safe in Cyber Space conference aims at building a constructive dialogue and a critical mass of suitable actors around new dual-use cybersecurity standards and certifications and complaint open technologies and ecosystems.