Combining text analysis techniques with unsupervised machine learning methodologies for improved software vulnerability management

Software vulnerability management constitutes a prominent research area for security analysts and researchers. One of the main pillars of the […]

A tree-based machine learning methodology to automatically classify software vulnerabilities

Software vulnerabilities have become a major problem for the security analysts, since the number of new vulnerabilities is constantly growing. […]

Sly, a red teaming orchestration tool

Accepted, it is not yet published.

Perspectives in the Design of a Modern Cybersecurity Training Programme: The ECHO Approach

The paper leverages the training and education-related research outputs developed under the ECHO project. They are compared to the progress […]

Quality Models for Artificial Intelligence Systems: Characteristic-Based Approach, Development and Application

The factors complicating the specification of requirements for artificial intelligence systems (AIS) and their verification for the AIS creation and […]

Digital Image Representation by Atomic Functions: The Compression and Protection of Data for Edge Computing in IoT Systems

Digital images are used in various technological, financial, economic, and social processes. Huge datasets of high-resolution images require protected storage […]

Towards Trustworthy Safety Assessment by Providing Expert and Tool-Based XMECA Techniques

Safety assessment of modern critical instrumentation and control systems is a complicated process considerably dependent on expert techniques, single/multiple faults […]

AI Cybersecurity Assurance for Autonomous Transport Systems: Scenario, Model, and IMECA-Based Analysis

The paper investigates problems and ways of utilizing Artificial Intelligence (AI) to ensure the cybersecurity of autonomous transport systems (ATSs) […]

Sector-Specific Training – A Federated Maritime Scenario

The infrastructure in the maritime sector has evolved to integrate more and more connected systems. The maritime environment very much […]

ECHO Early Warning System as a Preventive Tool against Cybercrime in the Energy Sector

The purpose of this case study is to bring lessons learned from the ECHO project to the DYNAMO project in […]

Design Science Research towards ECHO Governance and Management Information System

The ECHO (European network of Cybersecurity centers and competence Hub for innovation and Operations) CNO (collaborative network organization) is supposed […]

ECHO Asset on Governance and Management Consulting for Collaborative Network Organizations

The paper presents a methodology for governance model design, implementation and transition to a Collaborative Network Organization (CNO). It is […]

ECHO Federated Cyber Range as a Tool for Validating SHAPES Services

ECHO is a cybersecurity pilot project under the H2020 Program. The ECHO Federated Cyber Range (E-FCR) providesenabling technology supporting ECHO […]

A RAkEL-based methodology to estimate software vulnerability characteristics & score – an application to EU project ECHO

Software vulnerabilities constitute a critical threat for cybersecurity analysts in the contemporary society, since the successfully exploited vulnerabilities could harm […]

The European Commission contribution to cybersecurity through the ECHO project

This paper introduces the work carried out within project ECHO (European network of Cybersecurity centres and competence Hub for innovation […]

Resilient Learning as a Tool for Excellence: Laurea’s Students in the ECHO H2020 Project during the COVID-19 Pandemic

This article explores the pedagogical approach introduced during the COVID-19 pandemic, which is suitable for both e-learning and face-to-face learning. […]

Lightweight compression with encryption based on Asymmetric Numeral Systems

Data compression combined with effective encryption is a common requirement of data storage and transmission. Low costof these operations is […]

Trends and challenges for balanced scoring in cybersecurity exercises: A case study on the example of Locked Shields

Cybersecurity exercises (CSXs) enable raising organizational awareness, testing capabilities, identifying strengths and weaknesses, and gaining hands-on practice in building resilience […]

Multi-sector Risk Management Framework for Analysis Cybersecurity Challenges and Opportunities

This paper describes an approach to analyse transversal and inter-sectoral cybersecurity challenges and opportunities: dedicated risk assessment and management framework, […]

Impact of Nonbinary Input Vectors on Security of Tree Parity Machine

Key agreement protocol is an essential step for establishing a secure connection. The inevitable advancements in quantum computing technologies pose […]

Approach to Sector-Specific Cybersecurity Schemes: Key Elements and Security Problem Definition

This paper documents the approach to define cybersecurity certification schemes as candidate methods for sector cybersecurity product certification as part […]

A New Method for Image Protection Using Periodic Haar Piecewise-Linear Transform and Watermarking Technique

The paper presents a novel data-embedding method based on the Periodic Haar Piecewise-Linear (PHL) transform. The theoretical background behind the […]

Synchronization of Tree Parity Machines Using Nonbinary Input Vectors

Neural cryptography is the application of artificial neural networks (ANNs) in the subject of cryptography. The functionality of this solution […]

A Sponge-Based Key Expansion Scheme for Modern Block Ciphers

Many systems in use today require strong cryptographic primitives to ensure confidentiality and integrity of data. This is especially true […]

An Asynchronous AAA Blockchain-Based Protocol for Configuring Information Systems

The increasing number of security breaches in centralized systems provides the necessity to introduce decentralization in more fields. The Blockchain […]

Heuristic Intrusion Detection Based on Traffic Flow Statistical Analysis

As telecommunications are becoming increasingly important for modern systems, ensuring secure data transmission is getting more and more critical. Specialised […]

Towards a Robust and Scalable Cyber Range Federation for Sectoral Cyber/Hybrid Exercising: The Red Ranger and ECHO Collaborative Experience

Cyber exercising is essential to crisis management preparation and maintaining a robust cybersecurity posture. To prepare for growing hybrid threats, […]

Cyber Red Teaming: Overview of Sly, an Orchestration Tool

The complexity of protecting interconnected IT systems grows with the development of new products and applications. Consequently, the capability of […]

Perspectives in the Design of a Modern Cybersecurity Training Programme: The ECHO Approach

The paper leverages the training and education-related research outputs developed under the ECHO project. They are compared to the progress […]

Piloting the ECHO e-Skills and Training Toolkit

Besides many benefits, ICT technologies are faced with cyber threats. Organizations of today, therefore, face many challenges that require technical, […]

Governance Consulting Services and Tools: Governance Model Design for Collaborative Networked Organisations in the Cyber Domain

The article is based on a study conducted within the European network of Cybersecurity centres and competence Hub for innovation […]

Governance Consulting Services and Tools: Transition Planning and Implementation for Collaborative Networked Organisations in the Cyber Domain

This study aimed to develop a methodology for governance model implementation and transition for a collaborative networked organisation in the […]

Preserving Privacy of Security Services in the SecaaS Model

Outsourcing security services to the cloud allows companies to minimize IT infrastructure costs, use services faster, improve manageability, and reduce […]

Towards Continuous Enrichment of Cyber Threat Intelligence: A Study on a Honeypot Dataset

Cyber Threat Intelligence helps organisations in their fight against cyber threats to strategically design their defences and support decision making […]

Leveraging Cyber Ranges for Prototyping, Certification and Training: The ECHO case

Security needs and demands are nowadays constantly increasing for cybersecurity professionals and organisations in general. A cyber range provides a […]

Comparing Cybersecurity Information Exchange Models and Standards for the Common Secure Information Management Framework

Cyber threats have increased in spite of formal economic integration in the world. Decision-makers and authorities need to respond to […]

Named Entity Recognition in Cyber Threat Intelligence Using Transformer-based Models

The continuous increase in sophistication of threat actors over the years has made the use of actionable threat intelligence a […]

Towards Selecting Informative Content for Cyber Threat Intelligence

Nowadays, there is an increasing need for cyber security professionals to make use of tools that automatically extract Cyber Threat […]

Conception and Application of Dependable Internet of Things Based Systems

Context The problem is in the design, development, maintenance and commissioning of interoperable dependable systems using on the Internet of […]

Enhancing the European Cyber Threat Prevention Mechanism

This research will determine how it is possible to implement the national cyber threat prevention system into the EU level […]

Cybersecurity User Requirements Analysis: The ECHO Approach

Cyber defense requires research and investment in advanced technological solution as well as in the development of effective methods and […]

Detecting User Behavior in Cyber Threat Intelligence: Development of Honeypsy System

This research demonstrates a design of an experiment of a hacker infiltrating a server where it is assumed that the […]

Invariant-Based Safety Assessment of FPGA Projects: Conception and Technique

This paper describes a proposed method and technology of safety assessment of projects based on field programmable gate arrays (FPGA). […]

Vulnerability Exposure Driven Intelligence in Smart, Circular Cities

In this paper we study the vulnerability management dimension in smart city initiatives. As many cities across the globe invest […]

Detection of Advanced Web Bots by Combining Web Logs with Mouse Behavioural Biometrics

Web bots vary in sophistication based on their purpose, ranging from simple automated scripts to advanced web bots that have […]

Data Sanitisation and Redaction for Cyber Threat Intelligence Sharing Platforms

The recent technological advances and changes in the daily human activities increased the production and sharing of data. In the […]

Trust and Quality Computation for Cyber Threat Intelligence Sharing Platforms

Information sharing has been considered a critical solution against the ever-increasing complexity of cyber-attacks. In this effort Cyber Threat Intelligence […]

Web Bot Detection Evasion Using Generative Adversarial Networks

Web bots are programs that can be used to browse the web and perform automated actions. These actions can be […]

Multi-UAV Mission Planning for Monitoring Critical Infrastructures Considering Failures and Cyberattacks

The article presents the state of the art of utilizing unmanned aerial vehicles (UAVs) to monitor critical infrastructures (CI). First, […]

Planning and Implementing Change in Cyber Security Network Organisations

This article presents an important aspect of the governance and management of network organisations – planning and implementing organisational change. […]

MAIT: Malware Analysis and Intelligence Tool

Malware is the instrument that delivers the decisive blow in cyber-attacks. A first-time presented malware or an updated malware can […]

Host-based Intrusion Detection Using Signature-based and AI-driven Anomaly Detection Methods

Cyberattacks are becoming more sophisticated, posing even greater challenges to traditional intrusion detections methods. Failure to prevent the intrusions could […]

Heuristic-based Intrusion Detection Functionality in a Snort Environment

This article provides an introduction to intrusion detection systems, focusing on extending the Snort environment’s functionalities by adding a new […]

New Orthogonal Transforms for Signal and Image Processing

In the paper, orthogonal transforms based on proposed symmetric, orthogonal matrices are created. These transforms can be considered as generalized […]

Cybersecurity Test Range for Autonomous Vehicle Shuttles

Success Factors for Designing a Cybersecurity Exercise on the Example of Incident Response

Exercises are a resource intensive form of providing participants learning, capability testing and validation of plans and procedures. As exercises […]

The Current State of The Art and Future of European Cyber Range Ecosystem

The Cyber Range Focus Group (CRFG) is established in the context of the four Horizon 2020 pilots contributing to the […]

ECHO Federated Cyber Range: Towards Next-Generation Scalable Cyber Ranges

Cyber ranges are valuable assets but have limitations in simulating complex realities and multi-sector dependencies; to address this, federated cyber […]

A distributed security tomography framework to assess the exposure of ICT infrastructures to network threats

The scope of cyber security becomes wider and wider with time and cyber threats rapidly change. This strongly impacts the […]

Combining exposure indicators and predictive analytics for threats detection in real industrial IoT sensor networks

We present a framework able to combine exposure indicators and predictive analytics using AI-tools and big data architectures for threats […]

Towards a Healthcare Cybersecurity Certification Scheme

The EU Cybersecurity Act introduces cybersecurity certification framework for ICT products, services and processes. Following ENISA’s EUCC (the Common Criteria […]

An Artificial Intelligence Cyberattack Detection System to Improve Threat Reaction in e-Health

In the e-Health domain, new and continuously evolving threats emerge every day. The security of e-Health telemonitoring systems is no […]

Scoping the Scenario Space for Multi-sector Cybersecurity Analysis

The paper presents results from the Horizon 2020 ECHO project, supporting the identification and development of cyberattack scenarios. It explores […]

Business, Organisational and governance modalities of collaborative cybersecurity networks

Countering advanced cyber threats requires investments in awareness and qualified personnel, as well as advanced technological solutions. Very few companies […]

Multivariable Heuristic Approach to Intrusion Detection in Network Environments

The Internet is an inseparable part of our contemporary lives. This means that protection against threats and attacks is crucial […]

Age and Gender as Cyber Attribution Features in Keystroke Dynamic-Based User Classification Processes

Keystroke dynamics are used to authenticate users, to reveal some of their inherent or acquired characteristics and to assess their […]

Cybersecurity in Next Generation Energy Grids: Challenges and Opportunities for Blockchain and AI Technologies

Renewable energy sources and the increasing interest in green energy has been the driving force behind many innovations in the […]

Digitalization and Cyber Resilience Model for the Bulgarian Academy of Sciences

The paper is based on a three-year internal study on digitalization and cyber resilience of the academy of sciences in […]

Embedding an Integrated Security Management System into Industry 4.0 Enterprise Management: Cybernetic Approach

The paper contains the results of the analysis of methodologies and standards obtaining the requirements to security management systems of […]

Knowledge Management Model Based Approach to Profiling of Requirements: Case for Information Technologies Security Standards

The paper is based on a three-year internal study on digitalization and cyber resilience of the academy of sciences in […]

Scoping the Scenario Space for Multi-sector Cybersecurity Analysis

The paper presents results from the Horizon 2020 ECHO project, supporting the identification and development of cyberattack scenarios. It explores […]

National Cyber Threat Prevention Mechanism as a part of the E-EWS

The research will find out feature-based functionalities concerning the national cybersecurity system HAVARO and how the system is possible to […]

Multi-sector Assessment Framework – a New Approach to Analyse Cybersecurity Challenges and Opportunities

This paper presents a new approach to analyse cybersecurity challenges and opportunities, focused on the development of a new risk […]

Impact of Bloom Filters on Security and Efficiency of SecaaS Services

With a rapid growth of cybercrime, security services play a crucial role in protecting modern networks. In order to minimize […]

Criticality Assessment of Critical Information Infrastructure Objects: A Category Based Methodology and Ukrainian Experience

The paper outlines the basic principles and assumptions used to assess the criticality of critical infrastructure object (CIO) and critical […]

A New Steganographic Algorithm for Hiding Messages in Music

Steganography in audio files usually revolves around well-known concepts and algorithms, least significant bit algorithm to name one. This paper […]

A Digital Twin for the Logistics System of a Manufacturing Enterprise Using Industrial IoT

This article presents a Digital Twin (DT) for the logistics system of a manufacturing enterprise using industrial IoT. DT data […]

Cybernetic Approach to Developing Resilient Systems: Concept, Models and Application

The paper contains the results of the development and implementation of a cybernetic approach to the creation of resilient systems. […]

A Logical Model for Multi-Sector Cyber Risk Management

The increasing reliance on digital infrastructures makes whole sectors of the economy and public services vulnerable to attacks through cyberspace. […]

From Classroom to Online Teaching – A Case during COVID19

The Covid19-virus outbreak during the spring of 2020 forced many changes in work, life and society. Laurea University of Applied […]

A Governance Model for an EU Cyber Security Collaborative Network – ECSCON

This white paper on governance of European Cyber Security Collaborative Network (ECSCON) is proposed as a joint effort between the […]

A Governance Model of a Collaborative Networked Organization for Cybersecurity Research

This article presents the results of the analysis of governance and management practices of Collaborative Network Organisations (CNOs) in the […]

Organizational Learning in the Academic Literature – Systematic Literature Review

The European Union (EU) promotes European innovation. Diverse stake-holders have opportunities to create knowledge by engaging in innovation projects. Society […]

Societal Impact Assessment of a Cyber Security Network Project

The European Union promotes innovation through its funding programmes for research and innovation. To support the innovation process, one of […]

On the Assessment of Completeness and Timeliness of Actionable Cyber Threat Intelligence Artefacts

In this paper we propose an approach for hunting adversarial tactics, techniques and procedures by leveraging information described in structured […]

A Machine Learning Approach to Dataset Imputation for Software Vulnerabilities

This paper proposes a supervised machine learning approach for the imputation of missing categorical values in a dataset where the […]

Addressing the Security Gap in IoT: Towards an IoT Cyber Range

The paradigm of Internet of Things has now reached a maturity level where the pertinent research goal is the successful […]

Information Sharing Models for Early Warning Systems of Cybersecurity Intelligence

An Early Warning System (EWS) for cybersecurity intelligence will provide the capability to share information to provide up to date […]

MonSys: A Scalable Platform for Monitoring Digital Services Availability, Threat Intelligence and Cyber Resilience Situational Awareness

Today’s digital society implies interconnectivity between the online operations of different sectors of everyday life and economy alike. As a […]

Towards the Design of a Cybersecurity Competence Network: Findings from the Analysis of Existing Network Organisations

The increasing reliance of economy, society and state on cyberspace and proliferating cyber risks require not only technologies and qualified […]

Learning Analytics Perspective: Evidencing Learning from Digital Datasets in Cybersecurity Exercises

Cybersecurity exercises are gaining in popularity in university curricula and professional training paths and are seen as an effective teaching […]

Governance Model of a Cybersecurity Network: Best Practices in the Academic Literature

Proliferating cyber threats, both in terms of diversity and intensity, require a timely development and implementation of effective solutions, which […]

Unravelling Ariadne’s Thread: Exploring the Threats of Decentralised DNS

The current landscape of the core Internet technologies shows considerable centralisation with the big tech companies controlling the vast majority […]

Availability Models of Industrial Internet of Things Wired System Considering Cyberattacks

A promising direction for the development of industrial enterprises is the Industrial Internet of Things (IIoT) technologies introduction. The paper […]

Business Models of Collaborative Networked Organisations: Implications for Cybersecurity Collaboration

The incorporation of advanced information and communications technologies allows for the effective collaboration of diverse and geographically distributed legal entities […]

Governance of Collaborative Networked Organisations: Stakeholder Requirements

The digital transformation of industry provides opportunities for increased collaboration. Utilising the increasing power of communications and access to information, […]

Error Reconciliation in Quantum Key Distribution Protocols

Quantum Key Distribution (QKD) protocols allow the establishment of symmetric cryptographic keys up to a limited distance at limited rates. Due […]

An architecture for resilient intrusion detection in ad-hoc networks

We study efficient and lightweight Intrusion Detection Systems (IDS) for ad-hoc networks via the prism of IPv6-enabled Wireless Sensor Actuator […]

Improving Forensic Triage Efficiency through Cyber Threat Intelligence

The complication of information technology and the proliferation of heterogeneous security devices that produce increased volumes of data coupled with […]

Towards the Design of a Collaborative Cybersecurity Networked Organisation…

The effective response to the proliferation and growing diversity and sophistication of cyber threats requires a broad spectrum of competencies, […]

Interoperability Challenges in the Cybersecurity Information Sharing Ecosystem

Threat intelligence helps businesses and organisations make the right decisions in their fight against cyber threats, and strategically design their […]

Computationally intensive functions in designing and operating distributed cyber secure and resilient systems

Increasing incorporation of advanced information technologies makes business and public organisations more effective and efficient, while often introducing exploitable vulnerabilities. […]

Integrative Approach to Understand Vulnerabilities

Rapid technological advances provide numerous benefits to our ways of work and leisure, banking and transportation, delivery of products and […]

Integrated Model of Knowledge Management…

The paper presents analysis of existing knowledge management models and justification for introducing an integrated model of knowledge management for […]

Integrated Security Management System for Enterprises in Industry 4.0

This paper presents results from the analysis of methodologies and standards aiming to meet the requirements to security management of […]

Cyber Situational Awareness and Information Sharing…

Cybersecurity-related capabilities play an ever-growing role in national security, as well as securing the functions vital to society. The national […]

CISE as a Tool for Sharing Sensitive Cyber Information in Maritime Domain

The ECHO project aims at organizing and coordinating an approach to strengthen proactive cyber security in the European Union through […]

Comparative Research: Cybersec. Information Sharing Models

Cyber threats are on the increase. Authorities need to respond to growing challenges by increasing cooperation. Information sharing or information […]

Utilising Experiential and Organizational Learning Theories

Development of information technology and the globalization require constant investment in people. New and emerging technologies such as autonomous systems, […]

Quantum-Based Solutions for the Next-Generation Internet

Quantum physics influences modern computer science and communications. We observe new quantum-based solutions which are being implemented in practical networks. […]

Blockchain and AI for the Next Generation Energy Grids

Renewable energy sources and the increasing interest in green energy have been the driving forces behind many innovations in the […]

Network-based Steering of Bulgaria’s Cybersecurity Research

The increasing reliance of economies, public administrations, military and security services, and our everyday activities on advanced information and communication […]

Methodology for Organizational Design of Cyber Research Networks

The paper presents possible approaches for building a new network organization in the area of cybersecurity. The study is focused […]