Universidad De Malaga

Short Name: 
UMA
Country: 
Spain
Principal Investigator: 
Javier Lopez

ESRs

Topic:
Trustworhy information exchange
Research Work

The research topic is the design and development of an architecture and methodology for trusted threat intelligence sharing in the context of Security Analytics. The basic idea is to incorporate in our security analytics platform cyber-information coming from externals sources (public and private) in order to anticipate the defenses and be prepared for the attack. It is crucial to take into consideration the trust and reputation of the different sources before applying this information in order to prevent malicious nodes from feeding wrong or misleading info. The assessment of the information has to bear in mind two different types of source provisioning:

  • information is handled by a single provider. In this case it is necessary to assess the trust in the source node because the trust in the information it provides is dependant of it
  • information provided is a compilation of different sources. For this case it is necessary to assess the different data and, therefore, needs to be assessed individually for each data source provider

We also contemplate the provisioning of information, resulting from our analysis and activity, to external sources.

+
Topic:
Metrics for cyber-security
Research Work

The main topic of research of ESR3 is “metrics for cybersecurity”. This work will deal in particular with trust metrics for the Internet of Things. The vision of the Internet of Things (IoT) is founded on the following premise: it is possible to create a world-wide network of interconnected objects, or things, which will probably be readable, recognizable, locatable, addressable, and/or controllable via the Internet. Billions of devices are foreseen to be connected by 2020, so trust issues will grow exponentially. Trust is necessary in a system such as IoT because the entities involved should know the other entities they have to interact with. The problem of finding a suitable way to establish trust becomes more complicated in IoT due to its heterogeneity. Trust management systems have been used during the decision-making process in order to assist entities that have to interact with others in a system. How to measure trust then becomes a key issue for IoT systems as all the heterogeneous entities will use their own trust management systems and this is challenging.

+