01/01/2015 to 31/12/2018

An important part of security is defence in depth: multiple layers of defence used to reduce the probability of a successful attack on a system or organisation. Crucially, for defence in depth these defences must be diverse in their ability to detect and/or prevent intrusion attempts. Here, as in security in general, there is a need to support decisions through quantitative approaches, seeking to answer questions like: "should a given available budget be spent on a specific defence X or two weaker defences Y and Z which, however, if combined promise better security than X alone?", "in this threat environment, what is the likelihood of a successful intrusion achieving damage worth D over one year?" etc. This project aims to produce methods for answering such questions, inevitably in probabilistic terms, with clear understanding of how much trust can be put in these methods. We will consider these layers of defence: AntiVirus (AV) products, Intrusion Detection Systems (IDS), Firewalls, as well as the implicit layers for defence created by the inherent robustness to attack of the applications and platforms being attacked (e.g. diverse operating systems and applications). The probabilistic models that will result from this research will be of two broad types: - Conceptual models - models that are used to conceptualise the problem domain and enable understanding of relative importance of different factors and theoretical limits of the benefits of diversity with the various protection layers but that are defined at a reasonably high level of abstraction making it difficult to observe and quantify the parameters of these models in practice; - Operational models - models the parameters of which can be observed and the model can be used in operation for security assessment and prediction. Successful operation models achieve prediction, given a sequence of previous observations, in the presence of limited change. Successful conceptual models more modestly clarify non-intuitive universal truths and help to analyse scenarios (e.g. showing best- and worst-case effects rather than likely effects) for which data are insufficient for prediction The open problems that we address regarding the assessment of the potential gains from defence in depth include: - Designing multi-layered defences. There are at least three dimensions to the design: - The choice of diversity architecture: how many devices, how many types of devices etc.) - How they are combined (e.g., for products that flag possible attacks, whether a security response requires consensus among multiple layers, or just one to give an alarm,or a certain majority is required). - The nature of the assets to be protected. - Security requirements are usually expressed in terms of (at least) three constituent attributes: Confidentiality, Integrity and Availability (CIA). An important issue is that designs that improve one of these attributes may make others worse, and probabilistic models help to manage these trade-offs. - There is a difference between measuring how secure a defence system has been in the past and predicting how secure it will be, as attackers develop new techniques and security vendors try to adapt. We need methods that allow us to predict the security of one (or several) layers of defences based on what we have seen in the past. Predictions may be in terms of the probabilities of: the time to next attack; the rate of attacks that we can expect in a given time interval; vulnerabilities existing in a set of defences etc; and since these will never be infallible we need methods for assessing how well they perform so that their users know how much confidence to have in these predictions.

Thursday, 1 January, 2015 to Monday, 31 December, 2018

Project type:


SMESEC project Open Call for SMEs and SME associations
SMESEC has released an open call for SMEs and SME associations in order to validate SMESEC framework and at the same time improve their systems’ security.
SMESEC is inviting SMEs to participate in the validation of the SMESEC framework. By participating you not only have influence on the evaluation of the SMESEC framework, but also improve your own company security and get up to €20.000 of funds!

Future Events

Conference on Autonomous Security Systems
02/05/2019 to 03/05/2019

Ethical and Legal Aspects of Autonomous Security Systems

An international conference to be held at the University of Zurich in Switzerland on May 2nd-3rd, 2019, aims to explore the ethical and legal aspects of autonomous systems in the security sector. Among others, autonomous systems in cybersecurity are discussed in the conference, that is co-supported by CANVAS.

Keynote speakers

Philip G. Alston, New York University and UN Special Rapporteur
Extreme Poverty and Human Rights: Artificial Intelligence as a Threat to Human Rights?

Hermeneut project at Cybertech Tel Aviv 2019

Cybertech is the cyber industry’s foremost B2B networking platform conducting industry-related events all around the globe, the go-to place to learn all about the latest technological innovations, threats, and solutions to combating threats within the global cyber arena.