GeNeura at European Project MUSES Final Review

GeNeura’s members have been working on the three-year FP7 European project MUSES, which faced its final review last week at the European Commission Beaulieu Quarter Buildings in Brussels.

UGR was one of the partners participating in this project. More concretely, GeNeura’s members have contributed by leading WP2 – MUSES framework definition and integration, completing the tasks that define the MUSES System Architecture. In addition, GeNeura’s research has been applied to the project in WP5 – Self-adaptive event correlation, led by the Spanish security company S2 Grupo. The main purpose of this WP was to develop a system which, on the one hand, uses event correlation to detect Security Policy violations and, on the other hand, performs an analysis of all the data in the system and creates new Security Policies or enhances the existing ones. Different types of classification, rule association, and clustering algorithms, as well as Data Mining techniques, have been applied with satisfactory results. These results were especially welcomed by the commission, which pointed out that such a system will be very helpful to enhance security. Also, MUSES is an Open Software project, and you can contribute at https://github.com/MusesProject

The results were presented by S2 Grupo and GeNeura together. The slides are now published on Slideshare:

It has been a pleasure for GeNeura to work in MUSES.


Hackathon in Distributed Corporate Security

GeNeura Team and OSL are organising a Hackathon in Distributed Corporate Security for the MUSES Project. You will have the opportunity to develop in a European project funded by the FP7.**

It will be held on 25-26 of March at the Centro de Enseñanzas Virtuales de la Universidad de Granada (CEVUG). The location is: c/Real de Cartuja, nº 36-38, Granada (top floor).

Confirmed projects, to be chosen by the participants, are:

  • Server performance upgrade of the corporate security system MUSES (Sweden Connectivity AB)
  • MUSES server web-based user interface (Sweden Connectivity AB + S2 Grupo + GeNeura)
  • Command signature and verification component (S2 Grupo)
  • Android public key data encryption component (S2 Grupo)
  • Data Mining applied to security-based data: Analysis and Visualization tools (GeNeura)

A more complete description of each project can be found here.

Participation is free, of course. And if you already have a GitHub user but will not be able to come, you can also participate remotely. The registration form is here.

Spread the word!!

The schedule will be:
WEDNESDAY 25 MARCH

17.00 – Hello to everybody!
17.15 – Where are you? What’s this?
17.30 – Introduction to GIT (by Pablo Hinojosa @psicobyte_ )

18.00 – Projects presentation (10-15 minutes each)
19.00 – Project selection and organization of groups
20.00 – Tapas crawl

THURSDAY 26 MARCH

09.30 – Hackathon starts!
14.00 – Tapas crawl
15.30 – Hackathon continues!
17.30 – Coffee break (if needed)
17.45 – Here we go again
19.30 – Hackathon finishes…
19.31 – Project results presentations
20.00 – Tapas crawl – final round

**If you are Spanish, do not worry! Of course you will have the opportunity of improving your English, but Spanish-speakers from GeNeura Team and S2 will be there to assist you.

[Paper] Going a Step Beyond the Black and White Lists for URL Accesses in the Enterprise by means of Categorical Classifiers

Our work titled Going a Step Beyond the Black and White Lists for URL Accesses in the Enterprise by means of Categorical Classifiers, as part of the research under the MUSES project, has been presented today at the ECTA 2014 conference.

Abstract:

Corporate systems can be secured using an enormous quantity of methods, and the implementation of Black or White lists is among them.
With these lists it is possible to restrict (or to allow) the users' execution of applications or access to certain URLs, among others. This paper is focused on the latter option. It describes the whole processing of a set of data composed of URL sessions performed by the employees of a company, from the preprocessing stage, including labelling and data balancing processes, to the application of several classification algorithms. The aim is to define a method for automatically making a decision to allow or deny future URL requests, considering a set of corporate security policies.
Thus, this work goes a step beyond the usual black and white lists, since they can only control those URLs that are specifically included in them, and cannot make decisions based on similarity (through classification techniques), or on other variables of the session, as is proposed here.
The results show a set of classification methods which get very good classification percentages (95-97%), and which infer some useful rules based on additional features (rather than just the URL string) related to the user’s access. This led us to consider that this kind of tool would be very useful for an enterprise.

You can check the presentation at: .

System for evaluating trust in distributed networks

Last Monday the paper already announced in the previous post was presented. As conclusions, we discussed:

  • The need for trust between participants within a distributed network, mainly focused on P2P activities.
  • The way to measure that trust, how to model it, and the benefits of doing so.
  • Obtaining trust measures either by observation or by recommendations, and the conditions that must be met for the values to propagate correctly.
  • Knowledge of the different attacks: bad mouthing, on-off, Sybil, new user, conflict creation.
  • Discussion of the modules that would make up a system that manages trust.
  • Comments on the result charts and the possible benefits of using this system when the mentioned attacks occur.

The presentation can be viewed below:

Paper Seminar: A Trust Evaluation Framework in Distributed Networks: Vulnerability Analysis and Defense Against Attacks

Next Monday, 21 January, we will discuss the paper A Trust Evaluation Framework in Distributed Networks: Vulnerability Analysis and Defense Against Attacks, a collaboration between the Electronic and Computer Engineering departments of the universities of Rhode Island and Maryland. It proposes a way to increase security in distributed network architectures, based on a quantitative measure of the trust in each participating entity. It will take place in the Meeting Room (Sala de Reuniones) of the ETSIIT; you are all invited.