August 26, 2021

Universal Adversarial Perturbations for Malware

Machine learning has become a very valuable tool for different security applications, allowing to predict new threats and attacks by learning patterns from data. However, the popularity of machine learning also brings new risks, as it has been shown that machine learning algorithms have also their own vulnerabilities. This offers...

Read More
August 20, 2021

Threat Intelligence sharing: What kind of intelligence to share?

With the rapid pace of digitalisation, the expanding attack surfaces and the ever-growing number of vulnerabilities and attack techniques leaves fewer and fewer organisations capable of defending themselves and sensitive data in their care. Many recent and painfully successful cyber attacks raised again the issue of sharing threat intelligence in...

Read More
August 11, 2021

The CODE 2021: Secure supply chains for digital sovereignty?

The pandemic has shown the importance of international supply chains and how dependent we are. Attacks in the virtual space may have an increasing impact on supplies in our analogue world. Reason enough for the Research Institute CODE (RI CODE) of the Universität der Bundeswehr München (UniBw M) to dedicate...

Read More
August 5, 2021

Federated Machine Learning (FML) for Financial Sector Threat Intelligence and Fraud Prevention

Machine learning has great potential to make decision-support processes smarter, cheaper, more automated, and self-improving. However, it is also recognized that widespread commercial adoption of machine learning will require approaches that offer sufficient guarantees about the security and privacy of the process of learning models, especially when companies wish to...

Read More
July 29, 2021

Faith-based security, the case of the fax

Recently I was surprised by a comment made by an anonymous reviewer on the security of various methods for information exchange, where he or she noted that the approach mentioned “would not offer the same properties as a fax in terms of confidentiality.” This begs the question “what confidentiality properties...

Read More
July 16, 2021

CONCORDIA’s Sector-specific Pilots – the basics

The collaboration between the academic and industrial community, where the research provides solutions for the identified industrial use cases, is organized in CONCORDIA's work package by developing the so-called pilots. CONCORDIA is addressing industrial challenges in seven pilots – five sector-specific and two cross-sector pilots. In CONCORDIA, we focus on...

Read More
July 2, 2021

Cloud Security: Paving the Way to Smarter Security Automation!

Cloud is everywhere, often invisible… The development of the Internet has been leveraged by the deployment of large data centers providing computing resources (software application, virtualized hardware equipment) that can be shared and combined to build elaborated services. These resources available in a metered manner are contributing to lower the...

Read More
June 24, 2021

Beyond COVID-19 in Threat Intelligence

More than a year in this global pandemic, more needs to be done about Threat Intelligence It is the summer of 2021, more than a year into dealing with the global pandemic cause by COVID-19 has past, and we are starting to see “the light at the end of tunnel”,...

Read More
June 17, 2021

US elections 2020: a retrospective analysis of the Twitter corpus

Social media plays a crucial role, especially during elections’ period either for communication, administration and dissemination. Twitter constitutes one of the most popular social media with millions of active users, while a significant part of the online discourse is part of this network. The analysis of the content can shed...

Read More
June 10, 2021

An Update on Security Playbook Standardization

A year ago, we supported creating a technical committee within the Organization for the Advancement of Structured Information Standards (OASIS) to work on defining a standard way for documenting security playbooks that are both human-understandable and machine-executable. Today we have published our first committee specification, getting closer to having a...

Read More