Modern approaches to securing the computing infrastructure of organisations against cyberattacks are founded on solutions that monitor all systems in a network simultaneously. This paradigm relies on endpoint sensors – lightweight programs which monitor endpoint activities and collect behavioural events that feed into detection and response systems. In this paradigm, traditional data collection approaches involve streaming all collected events into a cloud backend, where data is then processed and analysed through rules-based detection logic and machine learning models. A complementary approach to this involves placing some detection logic on the sensor itself, closer to the data source. This blog post details WithSecure’s research in TRUST aWARE into using the ONNX framework to port machine learning models and functionality onto endpoint sensors.

The research community has exhaustively analysed and put on the spotlight a lot of privacy and security abuses on applications published on mobile app markets like Google Play. However, pre-installed applications have not received so much attention despite their potential for causing security and privacy harm: they are privileged Operating System-level applications. In TRUST aWARE, we are actively developing new methodologies to gain a better understanding of the risks to which end-users can be exposed just by owning an Android handset.

Why is it important to involve both a company’s internal and external resources in the protection of cybersecurity? Because attacks will become increasingly sophisticated and evolved and will be linked to delicate geopolitical issues, but also because the human factor plays a crucial role among the elements of vulnerability. Cybersecurity represents an excellent professional opportunity for those beginning their careers, independently from their curriculum of studies. Onelia Onorati Social Media Manager at Fondazione Mondo Digitale interviewed Gaia Guadagnoli, Privacy, Data Protection & Security Technology Specialist at Microsoft Italy and coach of the Course organised as part of Fondazione Mondo Digitale Programme Ambizione Italia for Cybersecurity (March 6-9-13-16)

As new cyber threats emerge and TRUST aWARE’s partners seek to find solutions, what role can pilot studies play in helping develop these solutions? What type of research, quantitive or qualitative, is best suited to assisting with these pilot studies? Can representative control groups conducting small-scale tests help lead the way in securing the privacy of modern internet users?

Privacy policies can be an effective communicative tool, building up consumer trust in an organisation by communicating that organisation’s privacy practices. However, many privacy policies are long and complex, obfuscated by legal jargon and vague clauses. How can we ensure that privacy policies retain their communicative power and harness it for good? By developing a framework for analysing organisations’ privacy policies through Deep Learning techniques, the TRUST aWARE project aims to enhance consumer trust when faced with confusing privacy policies, allowing consumers to better distinguish the trustworthy from the untrustworthy.

The ability to identify the author responsible for a piece of software is critical for many research studies and for enhancing software transparency and accountability. However, as opposed to other application markets like iOS, attribution in the Android ecosystem is known to be hard. Android app authors can, either intentionally or by mistake, hide their true identity. A recent study based on the analysis of 2.5 million market entries from 5 Android markets explores the availability, volatility, and overall aptness of publicly available metadata for author attribution in Android app markets.

As 2023 begins, can we predict what new and emerging cybersecurity threats individuals, businesses, and governments are going to face? How can we prepare for such threats and what tools can be used to combat them?