Governance activities form the backbone of the network, supporting community activities that range from roadmap design to Request for Challenges, from monthly SPARTA Workshops to bi-yearly SPARTA Days. Research programs are continuously spun from strands of the roadmap, led by experts of their fields, and aim at generating concrete and transformative results.
News & Events
SPARTA CAPE tool: detecting and mitigating side-channel vulnerabilities
18th Apr 2021This SPARTA tool, developed within CAPE program, aims at detecting and mitigating side-channel vulnerabilities, attacks that have significantly risen with the publication of SPECTRE or MELTDOWN, and are particularly difficult to handle.
Evaluating the security of the open-source software supply chain
12th Apr 2021This flyer presents a series of tools aiming at evaluating the security of the open-source software supply chain. More specifically, we provide tools to evaluate the consequences of vulnerabilities in open source libraries on the applications that use them
Curricula Designer: a tool that connects education providers with cybersecurity job market
7th Apr 2021The SPARTA Cybersecurity Training and Awareness team launched the Curricula Designer, a tool that connects education providers with cybersecurity job market.
What it does?
The Curricula Designer is a simple free web-based application that helps education and training providers to design cybersecurity curricula that reflect needs of current job market. By the ability to precisely select the content of courses and see the impact of training components on gained competence, curricula administrators may tailor the study programs according to specific strengths of particular training providers and target specific graduate profiles. The tool may be used to either design new curricula or analyze existing curricula and thus evaluate how the study programs meet the requirements of particular cybersecurity work role profiles.
How it works?
After the specification of courses in the left section and their composition into curricula in the middle section, the users may see an analysis of the...
Securing the connected vehicle: attacks and defenses against platooning vehicles
5th Apr 2021This demonstration showcases how SPARTA can certify blocking classes of attacks in connected cars.
Hunting for a malicious code among add-ons (article)
31st Mar 2021Author: Edvard Rejthar
Translation: Petra Raszková
Original (CZ) version available at: https://blog.nic.cz/2020/11/19/hledani-skodliveho-kodu-mezi-doplnky/
How to catch a malicious add-on with “its” trousers down?
I identified the computer´s non-standard behavior, so I looked at add-ons to find out its source, and I came across the innocent-looking source code which lines are responsible for this behaviour. Here is a jotting from a malware hunt. A few days ago, I noticed that a certain site had joined my domain huffily.mydiaconal.com. Odd-looking name. What´s all this about?
Well, I know that malware authors use generator to originate randomly domain names in order to resemble already existing words. I tried to connect to the domain, with no response. Either I would almost say the domain is defuct or just a mistake made by some developer, but it could also be a covered manoeuvre. Regardless the domain was not responding, it was certainly receiving information. I checked the si...
Effective training in cybersecurity in the new era of staff remotisation: Practical solutions, tools & opportunities
15th Mar 2021SPARTA will be part of the CYBERWISER.EU “Effective training in cybersecurity in the new era of staff remotisation: Practical solutions, tools & opportunities” event, on 25th March 2021.
SPARTAs’ Cybersecurity Training and Awareness working group, represented by Jan Hajny, will integrate the first events’ roundtable - Capacity building in cybersecurity: solutions - with ECSO and the other 3 Pilots of the future European Cybersecurity Competence Network.
For more information on the event follow this link 👉 https://sparta.eu/events/2021-03-15-effective-training-in-cybersecurity-in-the-new-era-of-staff-remotisation-practical-solutions-tools-opportunities.html
The event is free of charge and is part of the CYBERWISER.eu dissemination programme, sponsored by the European Commission.
Jan Hajny works as an associate professor at the Faculty of Electrical Engineering and Communication at Brno University of Technology. He is the head of the...
SAFAIR AI Contest is launched!
4th Mar 2021The evaluation of machine learning models robustness in adversarial settings is not a trivial task. If the model is robust to a particular kind of attack, it is not a sufficient measure of its robustness. In order to have confidence in the predictions made by the model, one needs to check its robustness against a variety of attack techniques.
The SAFAIR AI Contest aims to evaluate the robustness of a defence technique by means of a two-player game. The participants can either register in the Attack or Defence tracks. These attack and defence teams are then continuously pitted against each other. This encourages the creation of more robust deep learning models as well as to find adversarial attack methods which can effectively fool the target system across a variety of defence techniques.
To learn more and to register in the contest, please visit the contest website.
A Best-Practices Guide to Attract and Retain Women in Cybersecurity Teams
3rd Mar 2021Cybersecurity needs to build a diverse workforce, able to respond to the challenges of a globalised and ever-changing world. Different ways of approaching problems, when coordinated, bring a competitive advantage to cybersecurity teams as they can strategically and satisfactorily meet such challenges. Today, women only account for 20% of the poorly diverse cybersecurity workforce worldwide. On top of that, Cybersecurity Ventures predicts that there will be 3.5 million unfilled jobs globally by 2021 , leading to a huge increase in cybercrime, which is predicted to cost the world $6 trillion annually by the same year. The female underrepresentation in cybersecurity is accounting for this reality.
The European Commission has been actively working on this issue and has set three main strategic actions to increase women’s participation in the digital sector:
1. Challenging digital gender stereotypes;
2. Promoting digital skills and education;
3. Advocating for more women entrepreneur...
Data Breach: the Good, the Bad and the Ugly
22nd Feb 2021Data Breach: the Good, the Bad and the Ugly
On November 26, 2020, the 41st edition of the monthly Cybersecurity Breakfast organized by SECURITYMADEIN.LU welcomed renowned Security Researcher at CIRCL, Alexandre Dulaunoy, to talk about the more and more common “Data Breaches: The dirty business behind the scenes. When your leak becomes the product.”
He started the keynote by explaining the mission of CIRCL in analysing, collecting and handling the data and how data acquired during a breach is becoming a product used and sold by cybercriminals. He also introduced the MISP software, an open-source threat intelligence platform.
What is AIL?
Alexandre underlined the growing need to monitor what cybercriminals are doing, especially on Tor. Hence the creation of AIL, a framework for Analysis of Information Leaks. It is a modular framework to analyse potential information leaks from unstructured data sources like pastes or social networks or unstructured data streams. The primary aim of...