Jose Francisco Ruiz, Fady Copty, Christos Tselios. "SMESEC: A Cybersecurity framework to Protect, Enhance and Educate SMEs." ERCIM News online edition, July 2018,

Small and medium enterprises (SMEs) play a decisive role in EU economy; however, they are attractive targets for cyber-attacks. Since they have specific characteristics, less security, and fewer resources for cybersecurity measures than large companies.

The article describes the SMESEC project. SMESEC develops a tailor-made cybersecurity framework for SMEs which considers both technical solutions and human-organisational aspects. Regarding SMESEC use-case partners’ requirements and feedback, it provides a state-of-the-art cybersecurity framework, cost-effective solutions and cybersecurity awareness and training courses. In the development phase, we have considered the great importance of usability and automation, cyber situational awareness and control for end-users, human factors in the design process, and current best practices and standards related to SMEs. This framework takes account of the use-case partner’s cybersecurity requirements through an innovative process to integrate various solutions working in an orchestral way. Also, the future innovative approaches to SMESEC’s tools are prioritized based on increasing simplicity of security tools, increasing protection level, cost-effectiveness, supporting training and awareness, and rising interconnection.

SMESEC intends to be a holistic security framework due to growth in the number of SMEs willing to tackle their cyber-security issues. Thus, the SMESEC principal objectives are: developing an automated cybersecurity assessment engine, offering relevant feedback to SMEs regarding their cybersecurity behaviour and vulnerabilities, and aligning SMESEC innovations with international links and, in turn, providing inexpensive and effective security recommendations.

Apostolos P. Fournaris, Konstantinos Lampropoulos, Odysseas Koufopavlou. "End Node Security and Trust vulnerabilities in the Smart City Infrastructure." 5th International Conference of Engineering Against Failure (ICEAF V), June 2018, Chios Island, Greece

As cities gradually introduce intelligence in their core services and infrastructure thus becoming “smart cities”, they are deploying new Information Technology devices in the urban grid that are interconnected to a broad network. The main focus of widely implemented smart cities’ services was the operation of sensors and smart devices across city areas that need low energy consumption and high connectivity. However, as 5G technologies are gradually been adopted in the smart city infrastructure thus solving that problem, the fundamental issue of addressing security becomes dominant.

While latest network topologies and standards include security functions thus giving an illusion of security, there is little focus on the fact that many smart city end nodes cannot realize all security specifications without additional help.

In this paper, we discuss briefly smart city security issues and focus on problem and security requirement that need to be addressed in the smart city end nodes, the sensors, and actuators deployed within the city’s grid. In this paper, attacks that cannot be thwarted by traditional cybersecurity solutions are discussed and countermeasures based on hardware are suggested in order to achieve a high level of trust. Also, the danger of microarchitectural and side channel attacks on these devices is highlighted and protection approaches are discussed.

Alireza Shojaifar, Samuel A. Fricker, Martin Gwerder. “Elicitation of SME Requirements for Cybersecurity Solutions by Studying Adherence to Recommendations.” Requirements Engineering: Foundation for Software Quality (RESFQ 2018), Utrecht, Netherlands

Small and medium-sized enterprises (SME) have become the weak spot of our economy for cyber attacks. These companies are large in number and often do not have the controls in place to prevent successful attacks, respectively are not prepared to systematically manage their cybersecurity capabilities. One of the reasons for why many SME do not adopt cybersecurity is that developers of cybersecurity solutions understand little the SME context and the requirements for successful use of these solutions.

We elicit requirements by studying how cybersecurity experts provide advice to SME. The experts’ recommendations offer insights into what important capabilities of the solution are and how these capabilities ought to be used for mitigating cybersecurity threats. The adoption of a recommendation hints at a correct match of the solution, hence successful consideration of requirements. Abandoned recommendations point to a misalignment that can be used as a source to inquire missed requirements. Re-occurrence of adoption or abandonment decisions corroborate the presence of requirements. This poster describes the challenges of SME regarding cybersecurity and introduces our proposed approach to elicit requirements for cybersecurity solutions. The poster describes CYSEC, our tool used to capture cybersecurity advice and help to scale cybersecurity requirements elicitation to a large number of participating SME. We conclude by outlining the planned research to develop and validate CYSEC.

Giorgos Tsirantonakis, Panagiotis Ilia, Sotiris Ioannidis, Elias Athanasopoulos, Michalis Polychronakis. “A Large-scale Analysis of Content Modification by Open HTTP Proxies.” In Proceedings of the Network and Distributed System Security Symposium (NDSS '18), February 2018, San Diego, CA, USA

Giorgos Tsirantonakis, Panagiotis Ilia, Sotiris Ioannidis, Elias Athanasopoulos, Michalis Polychronakis. “A Large-scale Analysis of Content Modification by Open HTTP Proxies.” Cybersecurity and Privacy (CySeP), June 2018, Stockholm, Sweden

In this paper, we present the results of a large-scale analysis of open HTTP proxies, focusing on determining the extent to which user traffic is manipulated while being relayed. We have designed a methodology for detecting proxies that, instead of passively relaying traffic, actively modify the relayed content. Beyond simple detection, our framework is capable of macroscopically attributing certain traffic modifications at the network level to well-defined malicious actions, such as ad injection, user fingerprinting, and redirection to malware landing pages.

Our study reveals the true incentives of many of the publicly available web proxies. Our findings raise several concerns, as we uncover multiple cases where users can be severely affected by connecting to an open proxy. As a step towards protecting users against unwanted content modification, we built a service that leverages our methodology to collect and probe public proxies automatically, and generates a list of safe proxies that do not perform any content modification, on a daily basis.