Consiglio Nazionale Delle Ricerche

ESRs

Topic:
Risk aware data usage control
Publications:
Managing QoS in Smart Buildings through Software Defined Network and Usage Control, Phylogenetic Analysis for Ransomware Detection and Classification into Families
Research Work

The objective of this research is to define a set of techniques and tools for the specification and monitoring of allowed data sharing in distributed organizations. The usage control policies can be related to a risk level computed by means of several factors. The tools developed will also be used for information sharing techniques related to cyber-crime prevention and to the forensic aspects of data management, aligned with the European cyber-security directive and the associated EU policies, regulatory requirements and recommendations.

Topic:
Dynamic threat assessment & prediction
Research Work

The main objective of the research is to design a framework for collaborative analysis of Cyber-Threat Information (CTI). The framework itself requires automated data preprocessing for fast and effective analysis, and secure information sharing among the parties involved in the process. However, CTI often includes sensitive data (private and confidential information) that might be used illegally; intruders often use such sensitive information when performing attacks on systems (e.g., injection attacks). Considering the increased number of attacks on Critical Infrastructures (CI) such as Industrial Control Systems and Smart Grids, and taking into account the consequences of these attacks, the development of new solutions for the cybersecurity of these systems becomes more crucial.

The emphasis of the research is on developing a security management framework for the secure analysis and sharing of CTI in Industrial Control Systems. The framework will integrate intrusion detection techniques, threat and vulnerability assessment, secure information sharing, and decision making based on the analyzed information.

Moreover, my work will focus on the practical development of new security solutions for solving issues related to communication and data access in ICS.

Topic:
Usage control for information sharing
Research Work

The main topic of my research is Usage Control for Information Sharing in the Internet of Things (IoT).
Usage Control is an extension of Access Control. Whereas Access Control evaluates attributes only once, before a session starts, Usage Control (UCON) can also deal with attributes that change during the session. Beyond Access Control, UCON provides two main novelties: continuity of control, and mutability of attributes, which may trigger policy re-evaluation and in turn lead to revocation.
Security and privacy are important requirements for the IoT due to the inherent heterogeneity of Internet-connected objects and the ability to monitor and control physical objects. However, proprietary security solutions do not help in formulating a coherent security vision that enables IoT devices to communicate securely with each other in an interoperable manner.
One of the most popular application layer protocols used for information sharing in the IoT is Message Queue Telemetry Transport (MQTT), a lightweight broker-based Publish/Subscribe messaging protocol standardized in 2013 by OASIS.
My main goal is to integrate Usage Control with IoT protocols, and especially with MQTT, to achieve secure data sharing. Furthermore, I have carried out a survey of the well-known IoT application layer protocols, such as CoAP, XMPP, AllJoyn, etc., to explain why MQTT is the most appropriate one to combine with UCON.

Topic:
Risk assessment for cyber-insurance
Research Work

As many economic surveys (e.g., those by Bitterly, Ponemon and NetDigital) point out, cyber insurance is a fast-growing market. It provides an alternative solution for the treatment of residual cyber risks and smooths the potential losses that may be caused by especially harmful events (e.g., large data breaches). Therefore, much attention is nowadays devoted to the topic, in practice as well as in research.

Despite the growth of the cyber insurance market and the high attention paid to the topic, cyber insurance is immature and faces many problems. The most troublesome are the lack of available statistics, information asymmetries, risk correlation and the interdependency of risks. Research combining the knowledge of cyber security, cyber security economics and insurance is required to overcome these difficulties and foster the growing market even more.

A crucial part of insurance is correct and reliable risk assessment, which provides the insurer and the insured with information about expected losses. In the cyber world, this usual management practice faces a number of difficulties, to name a few: lack of available data, a rapidly changing threat landscape, the quick evolution of technologies and agile systems, large intangible losses, etc.

Taking into account the above-mentioned facts, we see that research in risk assessment for cyber insurance is challenging and promising at the same time. It requires multidisciplinary knowledge in topics such as cyber security, security economics, threat management, insurance, risk assessment, etc. The chosen research topic is broad enough to study various possible problems, yet all of them can easily be glued into a solid framework, which we are going to build around the idea of a comprehensive and dynamic risk assessment approach.
