Anonymizing cybersecurity data in critical infrastructures: the CIPSEC approach

Cybersecurity logs are permanently generated by network devices to describe security incidents. With modern computing technology, such logs can be exploited to counter threats in real time or before they gain a foothold. To improve these capabilities, logs are usually shared with external entities. However, since cybersecurity logs might contain sensitive data, serious privacy concerns arise, even more when critical infrastructures (CI), handling strategic data, are involved. We propose a tool to protect privacy by anonymizing sensitive data included in cybersecurity logs. We implement anonymization mechanisms grouped through the definition of a privacy policy. We adapt said approach to the context of the EU project CIPSEC that builds a unified security framework to orchestrate security products, thus offering better protection to a group of CIs. Since this framework collects and processes security-related data from multiple devices of CIs, our work is devoted to protecting privacy by integrating our anonymization approach.Peer ReviewedPostprint (published version

TREC Incident Streams: Finding Actionable Information on Social Media

The Text Retrieval Conference (TREC) Incident Streams track is a new initiative that aims to mature social media-based emergency response technology. This initiative advances the state of the art in this area through an evaluation challenge, which attracts researchers and developers from across the globe. The 2018 edition of the track provides a standardized evaluation methodology, an ontology of emergency-relevant social media information types, proposes a scale for information criticality, and releases a dataset containing fifteen test events and approximately 20,000 labeled tweets. Analysis of this dataset reveals a significant amount of actionable information on social media during emergencies (> 10%). While this data is valuable for emergency response efforts, analysis of the 39 state-of-the-art systems demonstrate a performance gap in identifying this data. We therefore find the current state-of-the-art is insufficient for emergency responders’ requirements, particularly for rare actionable information for which there is little prior training data available

TREC Incident Streams: Finding Actionable Information on Social Media

The Text Retrieval Conference (TREC) Incident Streams track is a new initiative that aims to mature social media-based emergency response technology. This initiative advances the state of the art in this area through an evaluation challenge, which attracts researchers and developers from across the globe. The 2018 edition of the track provides a standardized evaluation methodology, an ontology of emergency-relevant social media information types, proposes a scale for information criticality, and releases a dataset containing fifteen test events and approximately 20,000 labeled tweets. Analysis of this dataset reveals a significant amount of actionable information on social media during emergencies (> 10%). While this data is valuable for emergency response efforts, analysis of the 39 state-of-the-art systems demonstrate a performance gap in identifying this data. We therefore find the current state-of-the-art is insufficient for emergency responders’ requirements, particularly for rare actionable information for which there is little prior training data available

Real-time Emergency Response through Performant IoT Architectures

International audienceThis paper describes the design of an Internet of Things (IoT) system for building evacuation. There are two main design decisions for such systems: i) specifying the platform on which the IoT intelligent components should be located; and ii) establishing the level of collaboration among the components. For safety-critical systems, such as evacuation, real-time performance and evacuation time are critical. The approach aims to minimize computational and evacuation delays and uses Queuing Network (QN) models. The approach was tested, by computer simulation, on a real exhibition venue in Alan Turing Building, Italy, that has 34 sets of IoT sensors and actuators. Experiments were performed that tested the effect of segmenting the physical space into different sized virtual cubes. Experiments were also conducted concerning the distribution of the software architecture. The results show that using centralized architectural pattern with a segmentation of the space into large cubes is the only practical solution

Situation Representation and Awareness for Rescue Operations

International audienceDuring rescue operations, being aware of the situation is very critical for rescuers and decision-makers to reduce the impacts. This work aims to support situation awareness amongst actors participating in rescue operations by adopting an ontology-based approach. An application ontology is proposed based on existing related ontologies and operational expertise collection. It will help to ensure common situation representation and understanding between different actors. After that, a knowledge-based system will be developed and integrated in actors' environment to support decision-making. Our preliminary results are shown in this paper

Communication in Emergency Management through Data Integration and Trust:an introduction to the CEM-DIT system

This paper discusses the development of the CEM-DIT (Communication in Emergency Management through Data Integration and Trust) system, which allows decision makers in crises to send out automated data requests to multiple heterogeneous and potentially unknown sources and interactively determine how reliable, relevant and trustworthy the responses are. We describe the underlying technology, which is based partially on data integration and matching, and partly on utilisation of provenance data. We describe our cooperation with the Urban Observatory (UO), which allows us to develop the system in collaboration with developers of the kind of crisis-relevant data which the system is designed for. The system is currently in development, and we describe which parts are fully implemented and which are currently being developed.</p

The reciprocity of data integration in disaster risk analysis

Humanitarian organizations are increasingly challenged by the amount of data available to drive their decisions. Useful data can come from many sources, exists in different formats, and merging it into a basis for analysis and planning often exceeds organizations’ capacities and resources. At the same time, affected communities’ participation in decision making processes is often hindered by a lack of information and data literacy capacities within the communities. We describe a participatory disaster risk analysis project in the central Philippines where the community and a humanitarian NGO worked towards a joint understanding of disaster risks and coping capacities through data integration and IT-supported analysis. We present findings from workshops, focus group discussions and semi-structured interviews, showing the reciprocal effects of the collaborative work. While the community valued the systematically gathered and structured evidence that supported their own risk perceptions and advocacy efforts, the humanitarian NGO revisited established work practices for data collection for analysis and planning