As existing and emerging smart cities continue to expand their IoT and AI-enabled platforms, this introduces novel and complex dimensions to the threat intelligence landscape linked with identifying, responding and sharing data related to attack vectors, based on emerging IoT and AI technologies.
IRIS’s vision is to integrate and demonstrate a single platform addressed to CERTs/CSIRTs for assessing, detecting, responding to and sharing information regarding threats & vulnerabilities of IoT and AI-driven ICT systems. IRIS concept is proposed as a federated threat intelligence architecture that instates three core technological and human-centric components into the threat intelligence ecosystem:
- The Collaborative Threat Intelligence forms the nexus of the IRIS framework and core component of the architecture enhancing the capabilities of the existing MeliCERTes platform by introducing Analytics Orchestration, an Open Threat Intelligence interface and an intuitive Threat Intelligence Companion. All this supported by a Data Protection and Accountability module;
- The Automated Threat Analytics collects and supply key threat and vulnerability assessment telemetry and respond to received intelligence, initiating autonomous response and self-recovery procedures:
- The Cloud-based Virtual Cyber Range delivers an immersive virtual environment for collaborative CERT/CSIRT training exercises based on real-world environment platforms (and Digital Twin Honeypots), providing representative adversarial IoT & AI threat intelligence scenarios and hands-on training.
The ERATOSTHENES project builds on recent challenges of Internet of Things (IoT) networks, including: lack of security visibility, lack of effective information sharing between organisations and availability of tools for CERTs/CSIRTs, heterogeneity of IoT devices, lack of a common trust enforcement mechanism and relevant standards, lack of a transparent identity and privacy frameworks and lacking security training and security protocols’ adoption for persons and devices. ERATOSTHENES will devise a novel distributed, automated, auditable, yet privacy-respectful, Trust and Identity Management Framework intended to dynamically and holistically manage the lifecycle of IoT devices, strengthening trust, identities, and resilience in the entire IoT ecosystem, supporting the enforcement of the NIS directive, GDPR and the Cybersecurity Act.
The SPATIAL (Security and Privacy Accountable Technology Innovations, Algorithms, and machine Learning) project seeks to address the challenges of black-box AI and data management in cybersecurity by designing and developing resilient accountable metrics, privacy-preserving methods, verification tools and system framework that will serve as critical building blocks to achieve trustworthy AI in security solutions. In addition to this, the project aims to help generate appropriate skills and education for trustworthy AI in cybersecurity on both societal and technical aspects. The project covers data privacy, resilience engineering, and legal-ethical accountability that are in line with EU top agenda to achieve trustworthy AI. In addition, the work carried out in SPATIAL on both social and technical aspects will serve as a stepping stone to establish an appropriate governance and regulatory framework for AI-driven security in Europe.
Name: Dr. Ana Ferreira.
Position/Organization: CINTESIS@RISE, Faculty of Medicine, University of Porto, Portugal
Main expertise/ Area of expertise: Dr. Ana Ferreira (CISSP, HCISPP) is an information security specialist, teacher and researcher at CINTESIS@RISE, Faculty of Medicine University of Porto, Portugal.
Short biography: She is the author of more than 110 scientific publications, with 800 citations, in the areas of cybersecurity in digital healthcare, ehealth and medical informatics and she frequently participates as a cybersecurity expert evaluator for the European Commission in these areas.
Name: Prof. Christos Xenakis.
Position/Organization: Department of Digital Systems, University of Piraeus, Greece.
Main expertise/Area of expertise: Information security, and infrastructure protection.
Short biography: Prof. Christos Xenakis (Male) received his B.Sc degree in computer science in 1993 and his M.Sc degree in telecommunication and computer networks in 1996, both from the Department of Informatics and Telecommunications, University of Athens, Greece. In 2004 he received his Ph.D. from the University of Athens (Department of Informatics and Telecommunications). From 1998 – 2001 he was with a Greek telecoms system development firm, where he was involved in the design and development of advanced telecommunications subsystems. From 1996 – 2007 he was a member of the Communication Networks Laboratory of the University of Athens. Since 2007 he is a faculty member of the Department of Digital Systems of the University of Piraeus, Greece, where currently is a Professor, a member of the Systems Security Laboratory and the director of the Postgraduate Degree Programme, on “Digital Systems Security”. He has participated in numerous projects realized in the context of EU Programs (ACTS, ESPRIT, IST, AAL, DGHOME, Marie Curie, Horizon2020) as well as National Programs (Greek). He is the project manager the CUREX, SECONDO, INCOGNITO and SealedGRID projects, funded by Horizon2020, while he was the project manager of the ReCRED project funded by Horizon 2020 and the technical manager of the UINFC2 project funded by DGHOME/ISEC. He is also a steering committee member of the European Cyber Security Challenge (ECSC) and the leader of the Hellenic Cyber Security Team. He is a member of the editorial board of four Thomson Reuters indexed journals: a) Computers & Security Journal of the Elsevier publishing, b) Computer Communications Journal of the Elsevier publishing, c) The Computer Journal of the Oxford University Press and c) IET Information Security of the Institute of Engineering and Technology. His research interests are in the field of systems, networks and applications security. He has authored more than 100 papers in peer-reviewed journals and international conferences.
Name: Prof. Mauro Conti
Position/Organization: Department of Mathematics – University of Padua, Italy – Full Professor. I am also partially affiliated with TU Delft, NL (Faculty of Faculty of Electrical Engineering, Mathematics & Computer Science).
Main expertise/Area of expertise: My research interest is in security and privacy for wireless resource-constrained mobile devices (WSNs, RFIDs, and smartphones); computer system security; computer forensics; access control; distributed and networked systems.
Short biography: Mauro Conti is Full Professor at the University of Padua, Italy. He is also affiliated with TU Delft and University of Washington, Seattle. He obtained his Ph.D. from Sapienza University of Rome, Italy, in 2009.
After his Ph.D., he was a Post-Doc Researcher at Vrije Universiteit Amsterdam, The Netherlands. In 2011 he joined as Assistant Professor at the University of Padua, where he became Associate Professor in 2015, and Full Professor in 2018. He has been Visiting Researcher at GMU, UCLA, UCI, TU Darmstadt, UF, and FIU. He has been awarded with a Marie Curie Fellowship (2012) by the European Commission, and with a Fellowship by the German DAAD (2013). His research is also funded by companies, including Cisco, Intel, and Huawei. His main research interest is in the area of Security and Privacy. In this area, he published more than 450 papers in topmost international peer-reviewed journals and conferences. He is Editor-in-Chief for IEEE Transactions on Information Forensics and Security, Area Editor-in-Chief for IEEE Communications Surveys & Tutorials, and has been Associate Editor for several journals, including IEEE Communications Surveys & Tutorials, IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Information Forensics and Security, and IEEE Transactions on Network and Service Management. He was Program Chair for TRUST 2015, ICISS 2016, WiSec 2017, ACNS 2020, CANS 2021, and General Chair for SecureComm 2012, SACMAT 2013, NSS 2021 and ACNS 2022. He is Fellow of the IEEE, Senior Member of the ACM, and Fellow of the Young Academy of Europe.
Name: Prof. Sokratis Katsikas
Position/Organization: Center for Cyber and Information Security, Norwegian University of Science and Technology, Norway.
Main expertise/Area of expertise: Cyber security risk management, data protection, GDPR.
Short biography: Sokratis K. Katsikas was born in Athens, Greece, in 1960. He is the Director of the Norwegian Centre for Cybersecurity in Critical Sectors and Professor with the Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Norway. He is also Professor Emeritus of the Department of Digital Systems, University of Piraeus, Greece. In 2019 we were awarded a Doctorate Honoris Causa from the Department of Production and Management Engineering, Democritus University of Thrace, Greece. In 2021 he was ranked 7th in the security professionals category of the IFSEC Global influencers in security and fire list. He has authored or co-authored more than 300 journal papers, book chapters and conference proceedings papers. He is serving on the editorial board of several scientific journals, he has co-authored/edited 46 books and has served on/chaired the technical programme committee of more than 800 international scientific conferences. He chairs the Steering Committee of the ESORICS Conference and he is the Editor-in-Chief of the International Journal of Information Security.
Name: Manos Panaousis
Position/Organization: Associate Professor and Head of the Cyber Risk Lab at the University of Greenwich
Main expertise/Area of expertise: Cibersecurity
Short biography: I am a Professor of Cyber Security and Head of Cyber Risk at the Internet of Things and Security Centre (ISEC). ISEC is located at the University of Greenwich, Faculty of Engineering and Science, School of Computing and Mathematical Sciences. I direct the Cyber Risk research strategy of ISEC acting also as its liaison with industrial partners.
My research interests are at the intersection of security and privacy engineering, multi-agent systems and mathematical optimisation. My core expertise is designing and implementing robust cyber security defences against adversarial behaviour including threat modelling and cyber risk optimisation. One of my main goals is to invent, develop, and evaluate new models and methods that can be adopted by organisations and individuals. This is aligned with ISEC’s impact strategy to contribute to a secure UK society against cyber-physical threats.
My research has been funded by the National Cyber Security Centre (NCSC), the Research Institute in Sociotechnical Cyber Security (RISCS), the Engineering and Physical Sciences Research Council (EPSRC), the European Commission (H2020), and the Greenwich Research & Enterprise (GRE). I have been involved, as Principal (PI) and Co-Investigator (Co-I), in grants in worth in excess of £20m, leading tasks, work packages, and the preparation of their bids. In total, I have attracted £1.15M as PI and £1.08M as Co-I.
Name: Farhan Sahito
Main expertise/Area of expertise: EU Commission reviewers and Ethical, GDPR and Legal experts.
Short biography: Farhan Sahito has been the Director General in Privanova (Paris based company) since October 2020. Prior to joining Privanova, Farhan was working with Capgemini France as a Cyber Innovation Director where he was leading international AI, machine learning, smart cities projects . Before that, he was working as Senior Project Manager in INTERPOL’s Office of Legal Affairs in Lyon France (2014 – 2018) where he managed several cybercrime, AI, new technologies international projects along with 194 member countries. He also served as an Expert on the Panel with the United Nations Security Council Sanctions Committee in New York for one year. Prior to joining the United Nations, he was working with Pakistan police and also served as Director in Cybercrime unit of the Federal Investigation Agency Pakistan (2002– 2014).
Dr. Sahito is also assisting the European Commission as an external evaluator and as a rapporteur for the European Commission since 2015 in the FP7, H2020, Horizon Europe, EIC Accelerator and Marie Skłodowska-Curie Actions and have evaluated more than 150 project proposals submitted for EU funding on new technologies, information security, cybersecurity, cybercrime, Artificial Intelligence, smart cities, blockchain, law enforcement research and innovation projects
Farhan holds a Ph.D. in Cybersecurity from the Graz University of Technology Austria, Master’s degree in Criminology from the University of Melbourne Australia, Master’s degree in Information Technology as well as Master’s degree in Economics from Pakistan.
Name: As. Professor Konstantinos Katzis
Position/Organization: European University Cyprus, Cyprus
Main expertise/Area of expertise: Trust and accountability, cybersecurity learning and training
Short biography: Here is my short bio: Dr Konstantinos Katzis (Μ) received his BEng degree in Computer Systems Engineering and his MSc degree in Radio Systems Engineering from the University of Hull (UK) in 2000 and 2001 respectively. In 2006, Dr Katzis received his PhD degree in Electronics from University of York (UK). His current research interests include dynamic spectrum access and cognitive radio, architectures for 5G and beyond, Software Define Radio communications, Network Security for future IoT Health architectures. Recently, he received the Fulbright Visiting Scholar fund to work on his proposal “Requirement Analysis of 5G Networks Supporting IoT-Health Applications” in collaboration with the National Institute of Standards and Technology (NIST – US). He currently holds the position of the secretary of IEEE1900.6 standard overlooking the Security aspects of Dynamic Spectrum Access protocol and co-Chair of IEEE2733 (actively involved in Sub-Groups: Safety, Security and Protection and Sub Group: Use Cases and Scenarios). Currently, he is a programme committee member of the Framework Programme Horizon Europe for Space and the national technical expert for the Euro – Quantum Communication Infrastructure. Dr Katzis is an Associate Professor and Deputy-Dean of the School of Sciences at European University Cyprus.
This project has received funding from the European Union’s Horizon 2020
Research and Innovation programme under grant agreement No. 101019645.
The content of this website reflects the Secant consortium view and the European Commission (or its delegated Agency INEA) is not responsible for any use that may be made of the information it contains