Blockchain in Energy Communities, A proof of concept

This report aims at exploring the use of the distributed ledger paradigm to incentive the participation of the citizen to a truly free, open and interoperable energy market, producing a feasibility study and a first demo testbed, taking also into consideration privacy, cybersecurity and big-data issues of the smart-home in the Energy market context. This study is intended to support point 4.1, 4.2 and 4.3 of the DSM (COM(2015)192) and point 2.2 of the Energy Union package (COM(2015)80.JRC.E.3-Cyber and Digital Citizens' Securit

Cybersecurity, our digital anchor: A European perspective

The Report ‘Cybersecurity – Our Digital Anchor’ brings together research from different disciplinary fields of the Joint Research Centre (JRC), the European Commission's science and knowledge service. It provides multidimensional insights into the growth of cybersecurity over the last 40 years, identifying weaknesses in the current digital evolution and their impacts on European citizens and industry. The report also sets out the elements that potentially could be used to shape a brighter and more secure future for Europe’s digital society, taking into account the new cybersecurity challenges triggered by the COVID-19 crisis. According to some projections, cybercrime will cost the world EUR 5.5 trillion by the end of 2020, up from EUR 2.7 trillion in 2015, due in part to the exploitation of the COVID-19 pandemic by cyber criminals. This figure represents the largest transfer of economic wealth in history, more profitable than the global trade in all major illegal drugs combined, putting at risk incentives for innovation and investment. Furthermore, cyber threats have moved beyond cybercrime and have become a matter of national security. The report addresses relevant issues, including: - Critical infrastructures: today, digital technologies are at the heart of all our critical infrastructures. Hence, their cybersecurity is already – and will become increasingly – a matter of critical infrastructure protection (see the cases of Estonia and Ukraine). - Magnitude of impact: the number of citizens, organisations and businesses impacted simultaneously by a single attack can be huge. - Complexity and duration of attacks: attacks are becoming more and more complex, demonstrating attackers’ enhanced planning capabilities. Moreover, attacks are often only detected post-mortem . - Computational power: the spread of malware also able to infect mobile and Internet of Things (IoT) devices (as in the case of Mirai botnet), hugely increases the distributed computational power of the attacks (especially in the case of denial of services (DoS)). The same phenomenon makes the eradication of an attack much more difficult. - Societal aspects: cyber threats can have a potentially massive impact on society, up to the point of undermining the trust citizens have in digital services. As such services are intertwined with our daily life, any successful cybersecurity strategy must take into consideration the human and, more generally, societal aspects. This report shows how the evolution of cybersecurity has always been determined by a type of cause-and-effect trend: the rise in new digital technologies followed by the discovery of new vulnerabilities, for which new cybersecurity measures must be identified. However, the magnitude and impacts of today's cyber attacks are now so critical that the digital society must prepare itself before attacks happen. Cybersecurity resilience along with measures to deter attacks and new ways to avoid software vulnerabilities should be enhanced, developed and supported. The ‘leitmotiv’ of this report is the need for a paradigm shift in the way cybersecurity is designed and deployed, to make it more proactive and better linked to societal needs. Given that data flows and information are the lifeblood of today’s digital society, cybersecurity is essential for ensuring that digital services work safely and securely while simultaneously guaranteeing citizens’ privacy and data protection. Thus, cybersecurity is evolving from a technological ‘option’ to a societal must. From big data to hyperconnectivity, from edge computing to the IoT, to artificial intelligence (AI), quantum computing and blockchain technologies, the ‘nitty-gritty’ details of cybersecurity implementation will always remain field-specific due to specific sectoral constraints. This brings with it inherent risks of a digital society with heterogeneous and inconsistent levels of security. To counteract this, we argue for a coherent, cross-sectoral and cross-societal cybersecurity strategy which can be implemented across all layers of European society. This strategy should cover not only the technological aspects but also the societal dimensions of ‘behaving in a cyber-secure way’. Consequently, the report concludes by presenting a series of possible actions instrumental to building a European digital society secure by design.JRC.E.3-Cyber and Digital Citizens' Securit

A framework for secure IP telephony systems

Voice service provision over the Internet offers many advantages to all entities involved, like reduced cost, opportunities for new services, ease of management and many more. However, together with the advantages and the new opportunities, it is necessary to ensure the reliability of data transmission, as well as to address all remaining security problems. These problems mainly originate from the characteristics of the public, open architecture, networks, like the Internet, utilised for the provision of the services. The problems related to the reliability during data transmission are the ones that have attracted most of the interest of the scientific community, mainly due to the fact that reliability is a prerequisite for the provision of voice services. Today most of the identified problems are satisfactorily addressed. On the other hand, the interest for other security issues that may affect the voice services is not too high, even though the provision of the services over public networks offers many opportunities to malicious users to launch an attack. The internet, which is an indicative example of open architecture networks, faces all the threats originating from the existing vulnerabilities, as well as from the new vulnerabilities that may be identified by attackers trying to harm the new services and protocols. Therefore, the services offered through internet, including the voice services, inherit all its security gaps. On top of that, the introduction of new protocols for session management, like the Session Initiation Protocol (SIP), gives birth to numerous new threats which, due the interoperability of the services, make the entire voice network susceptible to attacks. This thesis focuses on the security issues of the signalling protocol SIP. More specifically it analyses all its vulnerabilities that may be utilised for launching an attack during the establishment of a session. Then the security measures proposed by the SIP standard are presented and evaluated in terms of their effectiveness. The remaining security problems are addressed through new security mechanisms that are proposed. The effectiveness and performance of the proposed mechanisms have been evaluated through an experimental environment that was developed for that purpose. In order to achieve effective protection of the Internet based voice services, the thesis proposes a three layer security architecture that incorporates all the necessary preventive and detection security measures. In the first layer there are preventive mechanisms that address cases of unauthorized modification of signalling data. In the second layer there are strict security policies and access control mechanisms that have been based on the specifications of the signalling protocols, like SIP, in order to protect parsers from processing not compatible messages. In the last layer, there are mechanisms for the detection of flooding attacks. Service providers, in addition to the early detection of and protection against all potential attacks that can be launched against the services that they offer, should be able to represent any security incident in a formal way. This will allow the development of a common security and protection architecture. To this direction, ontologies have been utilised for developing a common “security data base” through which service providers can cooperate in order to achieve ‘a secure environment for the provision of the voice services’. The ontology developed was represented in first order logic and was applied in an experimental environment.Η παροχή υπηρεσιών φωνής μέσω του διαδικτύου προσφέρει σε όλες τις εμπλεκόμενες οντότητες μια σειρά από πλεονεκτήματα, όπως χαμηλό κόστος παροχής της υπηρεσίας, δυνατότητα ανάπτυξης νέων εξελιγμένων υπηρεσιών, ευκολία διαχείρισης και άλλα πολλά. Βέβαια, πέρα από τα πλεονεκτήματα και τους νέους ορίζοντες που δημιουργούνται στις υπηρεσίες τηλεφωνίας, θα πρέπει να αντιμετωπιστούν τόσο τα προβλήματα αξιόπιστης μετάδοσης των δεδομένων, όσο και αυτά της ασφαλείας των υπηρεσιών φωνής. Τα συγκεκριμένα προβλήματα είναι ιδιαίτερα έντονα λόγω των χαρακτηριστικών των δημόσιων δικτύων ανοικτών προδιαγραφών, όπως είναι το διαδίκτυο, που αξιοποιούνται για την παροχή των υπηρεσιών. Τα προβλήματα αξιόπιστης μετάδοσης, κυρίως για τα δεδομένα φωνής, ήταν αυτά που προσέλκυσαν το ενδιαφέρον της επιστημονικής κοινότητας, δεδομένου ότι η αξιοπιστία μετάδοσης είναι αδιαπραγμάτευτο προαπαιτούμενο για την παροχή υπηρεσιών τηλεφωνίας. Σήμερα, υπάρχουν ικανοποιητικές λύσεις για τα περισσότερα από τα προβλήματα που έχουν εντοπιστεί οι οποίες βασίζονται στους κατάλληλους μηχανισμούς κωδικοποίησης. Από την άλλη πλευρά, το ενδιαφέρον για τα ζητήματα ασφαλείας των υπηρεσιών ήταν σχετικά περιορισμένο, παρά το γεγονός ότι η παροχή υπηρεσιών μέσω δημόσιων δικτύων ανοικτών προδιαγραφών προσφέρει πληθώρα δυνατοτήτων εκδήλωσης κακόβουλων ενεργειών. Το διαδίκτυο, ως το πλέον αντιπροσωπευτικό παράδειγμα δικτύου ανοικτής αρχιτεκτονικής, κινδυνεύει τόσο από τα πολυάριθμα γνωστά προβλήματα ασφαλείας, όσο και από νέες ευπάθειες που μπορεί να προκόψουν από τη συνεχή διαδικασία αναζήτησης κενών ασφαλείας σε υπηρεσίες και πρωτόκολλα. Συνεπώς, οι υπηρεσίες που παρέχονται μέσω του διαδικτύου, μη εξαιρουμένων των υπηρεσιών φωνής, κληρονομούν όλες τις εγγενείς ευπάθειες του. Επιπλέον, η εισαγωγή νέων πρωτοκόλλων για την εγκαθίδρυση και διαχείριση συνόδων, όπως το Session Initiation Protocol (SIP), δημιουργεί πληθώρα νέων απειλών που, λόγω της διασυνδεσιμότητας των υπηρεσιών, καθιστούν ολόκληρο το τηλεφωνικό δίκτυο ευπαθές σε επιθέσεις. Η παρούσα διδακτορική διατριβή επικεντρώνεται σε ζητήματα ασφαλείας που αφορούν το πρωτόκολλο σηματοδοσίας SIP. Συγκεκριμένα, αναλύονται όλες οι πιθανές ευπάθειες που μπορεί να ‘αξιοποιηθούν’ για την εκδήλωση επιθέσεων κατά τη διαδικασία εγκαθίδρυσης συνόδων SIP. Στη συνέχεια παρουσιάζονται και αξιολογούνται, ως προς την αποτελεσματικότητα τους, οι μηχανισμοί ασφαλείας που προδιαγράφονται στο πρότυπο του SIP. Τα κενά ασφάλειας που παραμένουν αντιμετωπίζονται μέσω νέων μηχανισμών ασφάλειας που προτείνονται και οι οποίοι δρουν συμπληρωματικά με τα υπάρχοντα μέτρα ασφαλείας. Οι προτεινόμενοι μηχανισμοί έχουν υλοποιηθεί και αξιολογηθεί ως προς την αποτελεσματικότητα και την απόδοση τους μέσω πειραματικού περιβάλλοντος που αναπτύχθηκε. Συνολικά, για την αποτελεσματική αντιμετώπιση των προβλημάτων ασφαλείας στις υπηρεσίες διαδικτυακής τηλεφωνίας, προτείνεται μια αρχιτεκτονική τριών επιπέδων στην οποία εντάσσονται τα κατάλληλα προληπτικά, αναγνωριστικά και ανασταλτικά μέτρα ασφαλείας. Στο πρώτο επίπεδο κατατάσσονται οι κατάλληλοι μηχανισμοί πρόληψης για την αντιμετώπιση περιστατικών μη εξουσιοδοτημένης τροποποίησης των δεδομένων σηματοδοσίας. Στο δεύτερο επίπεδο αναπτύσσονται αυστηρές πολιτικές και μηχανισμοί ελέγχου που βασίζονται στις προδιαγραφές των αξιοποιούμενών πρωτοκόλλων σηματοδοσίας, όπως το SIP, προκειμένου να αποτρέπεται η επεξεργασία μη συμβατών μηνυμάτων από τους αναλυτές μηνυμάτων των υπηρεσιών. Στο τελευταίο επίπεδο άμυνας, υλοποιούνται μηχανισμοί για την άμεση αναγνώριση επιθέσεων πλημμύρας. Η προτεινόμενη αρχιτεκτονική συμπληρώνει τους υπάρχοντες μηχανισμούς ασφαλείας και αποτελεί μια εύκολα κλιμακούμενη αρχιτεκτονική. Οι πάροχοι υπηρεσιών διαδικτυακής τηλεφωνίας, εκτός από την έγκαιρη ανίχνευση και την αντιμετώπιση των επιθέσεων που μπορεί να εκδηλωθούν κατά των υπηρεσιών που προσφέρουν, θα πρέπει να διαθέτουν τη δυνατότητα αποτύπωσης των περιστατικών ασφαλείας μέσω κάποιας κοινής σημασιολογικής περιγραφής. Με τον τρόπο αυτό θα καταστεί δυνατή η ανάπτυξη μιας ενιαίας αρχιτεκτονικής ασφαλείας και προστασίας. Προς την κατεύθυνση αυτή, και συγκεκριμένα για τη δημιουργία ενός ενιαίου τυπικού μοντέλου ασφαλείας για τις υπηρεσίες διαδικτυακής τηλεφωνίας, αποφασίστηκε να αξιοποιηθούν οντολογίες για την ανάπτυξη μίας κοινής «βάσης ασφαλείας» μέσω της οποίας προωθείται η συνεργασία των παροχών διαδικτυακής τηλεφωνίας στα πλαίσια ενός ασφαλούς περιβάλλοντος παροχής υπηρεσιών τηλεφωνίας. Η οντολογία που αναπτύχθηκε, αναπαραστάθηκε σε κατηγορηματική λογική και εφαρμόστηκε σε πειραματικό περιβάλλον

Personal Data Breaches. A Feasibility Study on a Cyber Exercise

The Directive 2009/136/EC (amending Directive 2002/58/EC) introduces a new obligation for the providers of electronic communication services to notify data breaches to the competent authorities and the individuals affected by the data breach. In particular, in the context of the European Single Market a data breach easily discloses a cross-border dimension which should be addressed specifically within the scope of the above mentioned Directive. Immediate notifications involving various actors and across various fields of competences and scope will obviously require well-planned and coordinated processes of communication. Hence these processes should be continuously tested and further improved. Nevertheless little experience does exist which is the driving force to plan for structured exercises concerning the applicability of the Directive. It is therefore of utmost interest to start undertaking a personal data breach exercise similar to other cyber exercises. This document contains a feasibility study with which such a personal data breach exercise could be started. The feasibility study proposed an executable first plan, its key elements, a provisional timeline and, most importantly, a summary of human and financial resources needed.JRC.G.6-Digital Citizen Securit

Exposing Resource Consumption Attacks in Internet Multimedia Services

Attackers always find ways to elude the employed security mechanisms of a system, no matter how strong they are. Nevertheless, audit trails - which as a rule of thumb are kept by any service provider - store all the events pertaining to the service of interest. Therefore, audit trail data can be a valuable ally when it comes to the certification of the security level of a given service. This stands especially true for critical real- time services such as multimedia ones, which nowadays are on the rise. This work proposes a practical, simple to implement yet powerful solution based on the Hellinger Distance metric for conducting audit trail analysis destined to expose security incidents. Our solution relies on a set of different features existing in the app layer protocol for session handling in order to classify the analyzed traffic as intrusive or not. Taking the well-known Session Initiation Protocol (SIP) as an example, we thoroughly evaluate the effectiveness of the proposed detection scheme in terms of accuracy under various realistic scenarios. The outcomes reveal competitive detection rates in terms of false positives and negatives and can be used as a reference for future works in the fieldJRC.G.6-Digital Citizen Securit

A wireless propagation analysis for the frequency of the pseudonym changes to support privacy in VANETs

Vehicle Ad Hoc Networks (VANETs) in Cooperative Intelligent Transport Systems (C-ITS) are based on the exchanges of messages among ITS-Stations (e.g., vehicles and roadside infrastructure) using the wireless G5 Dedicated Short Rate Communication (DSRC) standard to support safety-critical applications. VANETs require the authentication of ITS-stations and messages but the privacy of the drivers of the vehicles must be supported. In recent years, researchers have proposed solutions to mitigate privacy risks based on the use of pseudonyms. A key design decision is related to the frequency of the change of pseudonyms. The activity of a vehicle under one pseudonym can be linked to another thus providing traceability of the vehicle and a privacy risk for the driver. To prevent link-ability of actions, the vehicle must change pseudonyms over time. In this paper, the authors propose a radio frequency physical layer analysis to determine the frequency of the pseudonym changes. The rationale is that different wireless propagation conditions will impact the capability of the privacy attacker to trace the vehicle, thus reducing the need to frequently change the pseudonyms. The analysis has been performed in different channel fading conditions and for different relative speed values.JRC.E.3-Cyber and Digital Citizens' Securit

Obscuring Users' Identity in VoIP/IMS Environments

Next Generation Networks bring together wired and wireless architectures, under the umbrella of an all IP architecture. Architectures such as the IP Multimedia Subsystem (IMS) offer advanced services at very low cost but also inherit IP infrastructure's security and privacy issues. The utilized signalling protocol (i.e. Session Initiation Protocol) and the related specifications are both overlooking users' privacy, leaving public and private identities unprotected to eavesdroppers. Existing solutions require either the existence of a public key infrastructure or the establishment of the appropriate mechanism for managing symmetric keys. We propose a novel one-time identity mechanism for obscuring users' real identity against eavesdroppers. The solution exploits the advantages of commutative functions, enabling the communicating parties to exchange data without pre-established keys nor any modification in the infrastructure. All participating entities generate one-time random identities providing in this way unlinkability and anonymity services as well. We evaluate the proposed mechanism through an open source IMS platform. Results have provided evidence that the client's response times are not considerably affected by the proposed mechanism, while the overhead imposed to the IMS core is negligibleJRC.G.6-Digital Citizen Securit

Utilizing CPU, Memory and other features signals to control processes and related data in computing devices with potential to identify user. An Application Risk Assessment Approach

In the Internet era users' fundamental privacy and anonymity rights have received significant research and regulatory attention. This is not only a result of the exponential growth of data that users generate when accomplishing their daily task by means of computing devices with advanced capabilities, but also because of inherent data properties that allow them to be linked with a real or soft identity. Service providers exploit these facts for user monitoring and identification, albeit impacting users' anonymity, based mainly on personal identifiable information or on sensors that generate unique data to provide personalized services. In this paper, we report on the feasibility of user identification using instead general system features like memory, CPU and network data, as provided by the underlying operating system. We provide a general framework based on supervised machine learning algorithms both for distinguishing users, and informing them about their anonymity exposure. We conduct a series of experiments to collect trial datasets for users' engagement on a shared computing platform. We evaluate various well-known classifiers in terms of their effectiveness in distinguishing users, and we perform a sensitivity analysis of their configuration setup to discover optimal settings under diverse conditions. Furthermore, we examine the bounds of sampling data to eliminate the chances of user identification and thus promote anonymity. Overall results show that under certain configurations users' anonymity can be preserved, while in other cases users' identification can be inferred with high accuracy, without relying on personal identifiable information.JRC.G.6-Digital Citizen Securit

On the Efficiency of User Identification: A System based Approach

In the Internet era users’ fundamental privacy and anonymity rights have received significant research and regulatory attention. This is not only a result of the exponential growth of data that users generate when accomplishing their daily task by means of computing devices with advanced capabilities, but also because of inherent data properties that allow them to be linked with a real or soft identity. Service providers exploit these facts for user monitoring and identification, albeit impacting users’ anonymity, based mainly on personal identifiable information or on sensors that generate unique data to provide personalized services. In this paper, we report on the feasibility of user identification using instead general system features like memory, CPU and network data, as provided by the underlying operating system. We provide a general framework based on supervised machine learning algorithms both for distinguishing users, and informing them about their anonymity exposure. We conduct a series of experiments to collect trial datasets for users’ engagement on a shared computing platform. We evaluate various well-known classifiers in terms of their effectiveness in distinguishing users, and we perform a sensitivity analysis of their configuration setup to discover optimal settings under diverse conditions. Furthermore, we examine the bounds of sampling data to eliminate the chances of user identification and thus promote anonymity. Overall results show that under certain configurations users’ anonymity can be preserved, while in other cases users’ identification can be inferred with high accuracy, without relying on personal identifiable information.JRC.E.3-Cyber and Digital Citizens' Securit