Privacy Preserving Data Mining, Evaluation Methodologies

Privacy is one of the most important properties an information system must satisfy. A relatively new trend shows that classical access control techniques are not sufficient to guarantee privacy when datamining techniques are used. Privacy Preserving Data Mining (PPDM) algorithms have been recently introduced with the aim of modifying the database in such a way to prevent the discovery of sensible information. Due to the large amount of possible techniques that can be used to achieve this goal, it is necessary to provide some standard evaluation metrics to determine the best algorithms for a specific application or context. Currently, however, there is no common set of parameters that can be used for this purpose. Moreover, because sanitization modifies the data, an important issue, especially for critical data, is to preserve the quality of data. However, to the best of our knowledge, no approaches have been developed dealing with the issue of data quality in the context of PPDM algorithms. This report explores the problem of PPDM algorithm evaluation, starting from the key goal of preserving of data quality. To achieve such goal, we propose a formal definition of data quality specifically tailored for use in the context of PPDM algorithms, a set of evaluation parameters and an evaluation algorithm. Moreover, because of the "environment related" nature of data quality, a structure to represent constraints and information relevance related to data is presented. The resulting evaluation core process is then presented as a part of a more general three step evaluation framework, taking also into account other aspects of the algorithm evaluation such as efficiency, scalability and level of privacy.JRC.G.6-Sensors, radar technologies and cybersecurit

State of the Art in Privacy Preserving Data Mining

Privacy is one of the most important properties an information system must satisfy. A relatively new trend shows that classical access control techniques are not sufficient to guarantee privacy when Data Mining techniques are used. Such a trend, especially in the context of public databases, or in the context of sensible information related to critical infrastructures, represents, nowadays a not negligible thread. Privacy Preserving Data Mining (PPDM) algorithms have been recently introduced with the aim of modifying the database in such a way to prevent the discovery of sensible information. This is a very complex task and there exist in the scientific literature some different approaches to the problem. In this work we present a "Survey" of the current PPDM methodologies which seem promising for the future.JRC.G.6-Sensors, radar technologies and cybersecurit

Privacy Preserving Data Mining, A Data Quality Approach

Privacy is one of the most important properties an information system must satisfy. A relatively new trend shows that classical access control techniques are not sufficient to guarantee privacy when datamining techniques are used. Privacy Preserving Data Mining (PPDM) algorithms have been recently introduced with the aim of sanitizing the database in such a way to prevent the discovery of sensible information (e.g. association rules). A drawback of such algorithms is that the introduced sanitization may disrupt the quality of data itself. In this report we introduce a new methodology and algorithms for performing useful PPDM operations, while preserving the data quality of the underlying database.JRC.G.6-Sensors, radar technologies and cybersecurit

ICT aspects of power systems and their security

This report provides a deep description of four complex Attack Scenarios that have as final goal to produce damage to the Electric Power Transmission System. The details about protocols used, vulnerabilities, devices etc. have been for obvious reasons hidden, and the ones presented have to be understood as mere (even if realistic) simplified versions of possible power systems.JRC.DG.G.6-Security technology assessmen

Malware Templates for MAlSim

This report describes the methodology of malware templates for MAlSim - Mobile Agent Malware Simulator, a mobile agent framework which aims at simulation of diverse malicious software in computer network of an arbitrary information system. Malware template is a pattern (a 'guide') for implementation of MAlSim agent aiming at simulation of a concrete malware. It indicates the selection and configuration of Java classes (MAlSim agent, one or more behavioural patterns and one or more migration/replication patterns) selected from MAlSim Toolkit.JRC.G.6-Sensors, radar technologies and cybersecurit

MAlSim Deployment

This report describes the deployment issues related to MAlSim - Mobile Agent Malware Simulator - a mobile agent framework which aims at simulation of malware - malicious software that run on a computer and make the system behaving in a way wanted by an attacker. MAlSim was introduced in our previous report where we described its composition and functions, and provided the details of the simulation environment in which MAlSim is deployed and the auxiliary parts which support the experiments performed with MAlSim. In this report we are providing more technical details related to the installation and use of the framework.JRC.G.6-Sensors, radar technologies and cybersecurit

A model of distributed key generation for industrial control systems

11th International Workshop on Discrete Event Systems, WODES 2012; Guadalajara, Jalisco; Mexico; 3 October 2012 through 5 October 2012The cyber-security of industrial control systems (ICS) is gaining high relevance due to the impact of industrial system failures on the citizen life. There is an urgent need for the consideration of security in their design, and for the analysis of the related vulnerabilities and potential threats. The high exposure of industrial critical infrastructure to cyber-threats is mainly due to the intrinsic weakness of the communication protocols used to control the process network. The peculiarities of the industrial protocols (low computational power, large geographical distribution, near to real-time constraints) make hard the effective use of traditional cryptographic schemes and in particular the implementation of an effective key management infrastructure supporting a cryptographic layer. In this paper, we describe a "model of distributed key generation for industrial control systems" we have recently implemented. The model is based on a known Distributed Key Generator protocol we have adapted to an industrial control system environment and to the related communication protocol (Modbus). To validate in a formal way selected security properties of the model, we introduced a Petri Nets representation. This representation allows for modeling attacks against the protocol and understanding some potential weaknesses of its implementation in the industrial control system environment

Demystifying COVID-19 digital contact tracing: A survey on frameworks and mobile apps

The coronavirus pandemic is a new reality and it severely affects the modus vivendi of the international community. In this context, governments are rushing to devise or embrace novel surveillance mechanisms and monitoring systems to fight the outbreak. The development of digital tracing apps, which among others are aimed at automatising and globalising the prompt alerting of individuals at risk in a privacy-preserving manner is a prominent example of this ongoing effort. Very promptly, a number of digital contact tracing architectures has been sprouted, followed by relevant app implementations adopted by governments worldwide. Bluetooth, and specifically its Low Energy (BLE) power-conserving variant has emerged as the most promising short-range wireless network technology to implement the contact tracing service. This work offers the first to our knowledge, full-fledged review of the most concrete contact tracing architectures proposed so far in a global scale. This endeavour does not only embrace the diverse types of architectures and systems, namely centralised, decentralised, or hybrid, but it equally addresses the client side, i.e., the apps that have been already deployed in Europe by each country. There is also a full-spectrum adversary model section, which does not only amalgamate the previous work in the topic, but also brings new insights and angles to contemplate upon.Comment: 34 pages, 3 figure

European Cybersecurity Centre of Expertise - Cybersecurity Competence Survey

In its September 2017 Joint Communication "Resilience, Deterrence and Defence: Building strong cybersecurity for the EU" the European Commission announced the intention to support the creation of a network of cybersecurity competence centres to stimulate the development and deployment of technology in cybersecurity. In the scope of this initiative, the main goal of this document is to present the design and results of the survey conducted in order to identify the cybersecurity competence centres (e.g. research organisations, laboratories, associations, academic groups, institutions, operational centres) in Europe. The survey was open for participation from middle January until middle March of 2018 and 665 centres participated. This report also presents a scientific and technological development analysis comparing the survey results presented here with a desktop research mapping exercise performed by JRC.JRC.E.3-Cyber and Digital Citizens' Securit