As existing and emerging smart cities continue to expand their IoT and AI-enabled platforms, this introduces novel and complex dimensions to the threat intelligence landscape linked with identifying, responding and sharing data related to attack vectors, based on emerging IoT and AI technologies.
IRIS’s vision is to integrate and demonstrate a single platform addressed to CERTs/CSIRTs for assessing, detecting, responding to and sharing information regarding threats & vulnerabilities of IoT and AI-driven ICT systems. IRIS concept is proposed as a federated threat intelligence architecture that instates three core technological and human-centric components into the threat intelligence ecosystem:
- The Collaborative Threat Intelligence forms the nexus of the IRIS framework and core component of the architecture enhancing the capabilities of the existing MeliCERTes platform by introducing Analytics Orchestration, an Open Threat Intelligence interface and an intuitive Threat Intelligence Companion. All this supported by a Data Protection and Accountability module;
- The Automated Threat Analytics collects and supply key threat and vulnerability assessment telemetry and respond to received intelligence, initiating autonomous response and self-recovery procedures:
- The Cloud-based Virtual Cyber Range delivers an immersive virtual environment for collaborative CERT/CSIRT training exercises based on real-world environment platforms (and Digital Twin Honeypots), providing representative adversarial IoT & AI threat intelligence scenarios and hands-on training.
The ERATOSTHENES project builds on recent challenges of Internet of Things (IoT) networks, including: lack of security visibility, lack of effective information sharing between organisations and availability of tools for CERTs/CSIRTs, heterogeneity of IoT devices, lack of a common trust enforcement mechanism and relevant standards, lack of a transparent identity and privacy frameworks and lacking security training and security protocols’ adoption for persons and devices. ERATOSTHENES will devise a novel distributed, automated, auditable, yet privacy-respectful, Trust and Identity Management Framework intended to dynamically and holistically manage the lifecycle of IoT devices, strengthening trust, identities, and resilience in the entire IoT ecosystem, supporting the enforcement of the NIS directive, GDPR and the Cybersecurity Act.
The SPATIAL (Security and Privacy Accountable Technology Innovations, Algorithms, and machine Learning) project seeks to address the challenges of black-box AI and data management in cybersecurity by designing and developing resilient accountable metrics, privacy-preserving methods, verification tools and system framework that will serve as critical building blocks to achieve trustworthy AI in security solutions. In addition to this, the project aims to help generate appropriate skills and education for trustworthy AI in cybersecurity on both societal and technical aspects. The project covers data privacy, resilience engineering, and legal-ethical accountability that are in line with EU top agenda to achieve trustworthy AI. In addition, the work carried out in SPATIAL on both social and technical aspects will serve as a stepping stone to establish an appropriate governance and regulatory framework for AI-driven security in Europe.
This project has received funding from the European Union’s Horizon 2020
Research and Innovation programme under grant agreement No. 101019645.
The content of this website reflects the Secant consortium view and the European Commission (or its delegated Agency INEA) is not responsible for any use that may be made of the information it contains