On 22 January 2021, GUARD will participate in a joint virtual workshop “Joint Standardisation Workshop of Dynamic Countering of Cyber-Attacks Projects” organized by CyberSANE. This workshop will unite all projects funded under the SU-ICT-01-2018 H2020 call, with the objective of enabling an exchange of knowledge and the elaboration of future collaborative standardization and dissemination activities.

You can find the full agenda of the workshop here.

A total of six other projects will participate in this workshop: C4IIoT, CARAMEL, GUARD, SAPPAN, SIMARGL, and SOCCRATES.

Who is C4IIoT?

C4IIOT will design, build and demonstrate a novel and unified Cybersecurity 4.0 framework that implements an innovative IoT architecture paradigm to provide an end-to-end holistic and disruptive security-enabling solution for minimizing the attack surfaces in Industrial IoT systems. C4IIOT bridges cyber assurance and protection, machine (deep) learning (ML/DL), edge/cloud computing, blockchain, and Big Data technologies to provide a viable scheme for enabling security and accountability, preserving privacy, enabling reliability, and assuring trustworthiness within evolving IIoT applications and processes (e.g. automotive). C4IIOT novel cybersecurity mechanisms are carefully orchestrated across all infrastructure elements involved within an IIoT system (e.g., IIoT devices, field gateways, cloud resources) and is based upon analysis of various data flows (e.g., IIoT device data, encrypted network flows).



CARAMEL is a project that aims to introduce innovative anti-hacking intrusion detection/prevention systems for the European automotive industry. Their goal is to proactively address modern vehicle cybersecurity challenges applying advanced Artificial Intelligence (AI) and Machine Learning (ML) techniques and also to continuously seek methods to mitigate associated safety risks.

In order to address cybersecurity considerations for the already here autonomous and connected vehicles, well-established methodologies coming from the ICT sector will be adopted, allowing the assessment of vulnerabilities and potential cyberattack impacts. Although past initiatives and cybersecurity projects related to the automotive industry have reached security assurance frameworks for networked vehicles, several newly introduced technological dimensions like 5G, autopilots, and smart charging of Electric Vehicles (EVs) introduce cybersecurity gaps, not addressed satisfactorily yet. Considering the entire supply chain of automotive operations, CARAMEL targets to reach commercial anti-hacking IDS/IPS products for the European automotive cybersecurity and to demonstrate their value through extensive attack and penetration scenarios.


Who is GUARD?

GUARD is a cybersecurity framework to Guarantee Reliability and trust for Digital service chains. They aim to design a holistic framework for advanced end-to-end assurance and protection of business service chains. GUARD also aims to improve the detection of attacks and identification of new threats as well as develop fine-grained, programmable, and low-overhead monitoring, inspection, and enforcement systems. Further to improving awareness and reactions to incidents, GUARD aims to elaborate new business models for commercial exploitation after the project lifetime.


Who is SAPPAN?

SAPPAN aims to develop a platform for sharing and automation to enable privacy-preserving and efficient response and recovery utilizing advanced data analysis and machine learning. They will provide a cyber threat intelligence system that decreases the effort required by a security analyst to find optimal responses to and ways to recover from an attack. This will be enabled within a single organization as well as across organizations through novel models for privacy-preserving data processing and sharing. SAPPAN will also enable a European level perspective on advanced cybersecurity threats detection, response, and recovery making four key contributions that go beyond existing approaches: (1) privacy-preserving aggregation and data analytics including advanced client-side abstractions; (2) federated threat detection based on sharing of anonymized data and sharing of trained machine learning models; (3) standardization of knowledge in the context of incident response and recovery to enable reuse and sharing; (4) visual, interactive support for Security Operation Center operators. SAPPAN aims to provide solutions for public international institutions and multinational companies who want to enrich their Situational Awareness by sharing cyber-security intelligence as well as solutions for small and midsize companies enabling them to outsource intrusion detection.



SIMARGL is a project co-funded by the European Commission under the Horizon 2020 programme, to combat the pressing problem of malware. It aims to tackle the new challenges in the cybersecurity field, including information hiding methods, network anomalies, stegomalware, ransomware, and mobile malware. SIMARGL will offer an integrated and validated toolkit improving European cybersecurity. The cutting-edge of the proposed solution stems from the development of a more general approach, one that has the ability to counteract the new, complex malware. SIMARGL will use breakthrough methods and algorithms to analyze the data from networks, such as concept drift detectors, advanced signal processing and transformations, lifelong learning intelligent systems (LLIS) approach, hybrid classifiers, and deep learning, just to mention some techniques.



SOCCRATES aims to develop and implement a new security platform for Security Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs) of individual organizations and offered by Managed Security Service Providers (MSSP). They will significantly improve their capability to quickly and effectively detect and respond to new cyber threats and ongoing attacks by using this platform. The platform contains innovative solutions to automated infrastructure modeling, improve attack detection, Cyber Threat Intelligence utilization, AI and machine learning-based threat trend prediction, and automation using Attack Defence Graphs (ADG) and business impact modeling to aid human analysis and decision making on the best course of action, enabling the execution of defensive actions at machine-speed.