Past Research Projects
Externally Funded Projects
EU H2020 - PANACEA
2019 - 2021
Protection and privAcy of hospital and health iNfrastructures with smArt Cyber sEcurity and cyber threat toolkit for dAta and people
EU FP7 - PANOPTESEC
2013 - 2016
The objective of PANOPTESEC is to deliver a beyond-state-of-the-art prototype of an automated cyber defence decision support system to demonstrate operational use of Dynamic Risk Approaches for Automated Cyber Defence algorithms, architecture and design. PANOPTESEC will deliver this capability through an integrated, modular, standards-based combination of technologies that collectively deliver a beyond-state-of-the-art capability to address cyber vulnerabilities and incidents in real time.
http://panoptesec.eu
PRIN MIUR TENACE
2013 - 2015
The TENACE project investigates the protection of national critical infrastructures from cyber threats following a collaborative approach whenever appropriate.
Independent or Internally Funded Projects
Sapienza Ateneo Grant - INOCS
INcreasing Organizations Cyber Security through a combined defence approach
In the past, the cyber defences of an organization were mainly focused on protection from attackers coming from the outside.
However, many recent stories (e.g., Equation Group, the Snowden case, etc.) show that organizations need to consider that the enemy can already be inside their boundaries and that he/she can act from the inside directly on IT systems.
Cyber defence thus has to act like the immune system of an organism: preventing, tolerating, identifying, and destroying pathogens. A protection system should do three basic things: (i) detect intruders, (ii) support the correct delivery of digital services (also when an infection is spreading) and (iii) prevent new intruders from breaking cyberspace defences.
In addition, to strengthen cyber defence, security aspects must also be considered at design time, trying to define systems able to tolerate the presence of an attacker.
The project will focus mainly on the analysis and definition of models, algorithms, and techniques to increase the security level of a given organization and to respond efficiently and effectively in case of a cyber attack. In particular, we will also consider security requirements in the design phase of the system by defining and implementing basic building blocks able to tolerate the presence of a limited number of intruders in the system. Then, we will focus on monitoring, detection and reaction mechanisms to cope with possible attackers not considered at design time.
We will define several profiles of attackers (i.e., attack models) and then we will design architectures and algorithms to let the system survive attacks.
We will also define a visual analytics environment to support security operators in their duties both at design time and at runtime. In particular, we will provide support that will contribute to raising the operator's situational awareness, helping him/her in actuating the best response to a certain attack scenario.