European Commission logo
English English
CORDIS - EU research results

Programme Category


Article available in the following languages:


Information and data stream management to fight against (cyber)crime and terrorism


The amount of data generated and gathered in the frame of (cyber)crime investigations increases exponentially, thereby creating a considerable challenge for law enforcement. The effectiveness of law enforcement action depends on capabilities to improve the quality of data, and to convert voluminous and heterogeneous data sets (images, videos, geospatial intelligence, communication data, traffic data, financial transactions related date, etc.) into actionable intelligence. These capabilities could be significantly enhanced by the use of domain-specific tools, i.e. Big Data analysis applications designed for the needs of crime investigators (pre-processing, processing and analysis, visualisation, etc.). Furthermore, predictive analytics would greatly benefit from open source intelligence gathering, social network and darknet data analysis, and allow for resource-efficient, effective and proactive law enforcement.

Examples of trends in cybercrime are numerous. The Internet of Things can potentially connect practically everything, thus also potentially making everything more vulnerable. Wearable devices make us traceable, 3D printers can produce weapons, autonomous cars provide opportunities for kidnappers, teleworking opens doors for cyber-espionage etc. Cybercriminals follow the technological development and benefit from it, while measures for countering cybercrime are often one step behind. Law Enforcement Agencies would benefit from new means of preventing and countering new kinds of crime, building on the comprehensive trend analysis of emerging cybercrime activities based on past of (cyber)criminal activities, on technological developments, and on trends in the society.

Criminal and terrorist acts are usually subsequent to patterns of abnormal behaviour. Behavioural/anomaly detection systems (using a large variety of sensors) and methodologies require the analysis and processing of enormous quantities of data, together with improved imaging techniques to allow for the identification of suspicious events or of criminals. Such systems should operate in near real-time and at similar distances as a surveillance camera. They should also comply with privacy requirements and the respect of fundamental rights such as the right to privacy and the right to protection of personal data.

Proposals are invited from consortia involving relevant security practitioners, civil society organisations, and the appropriate balance of IT specialists, psychologists, sociologists, linguists, etc. exploiting Big Data and predictive analytics that both (a) characterise trends in cybercrime and in cybercriminal organizations (based on a profound analysis of current and emerging cybercriminal organizational types and structures), and (b) enhance citizens' security against terrorist attacks in places considered as soft targets, including crowded areas (stations, shopping malls, entertainment venues, etc.).

In 2020, proposals should address exclusively point b), with a focus on private operators. Although public authorities are primarily responsible for security, public-private cooperation is key in protecting public spaces. As an example, the first persons on the scene of a terrorist attack are often not police officers, but private security staff from local shops or transport operators. Moreover, public spaces are often owned and operated by private entities.

Proposals should lead to solutions developed in compliance with European societal values, fundamental rights and applicable legislation including in the area of privacy and protection of personal data. Societal aspects (e.g. perception of security, possible side effects of technological solutions, societal resilience) have to be addressed in a comprehensive and thorough manner.

The centre of gravity for technology development with actions funded under this topic is expected to be up to TRL 5 to 7 – see General Annex G of the Horizon 2020 Work Programme.

The Commission considers that proposals requesting a contribution from the EU of about EUR 8 million would allow this specific challenge to be addressed appropriately. Nonetheless, this does not preclude submission and selection of proposals requesting other amounts.

Large amounts of data and information from a variety of origins have become available to practitioners involved in fighting crime and terrorism. Full advantage is not currently taken of the most advanced techniques for Big Data analysis, and artificial intelligence.

Medium term:

  • improved support for the work of Law Enforcement Agencies in managing Big Data, i.e. in extracting, combining, analysing and visualising large amounts of structured and unstructured data in the context of criminal investigations;
  • increased awareness regarding the state of the art and trends in cybercriminal activities (short-, mid- and long-term);
  • in-depth knowledge of means of preventing and countering emerging and future cybercriminal activities;
  • improved capabilities to combine and analyse in near-real-time large volumes of heterogeneous data to anticipate criminal events;
  • shorter delays between the emergence of new cybercrime activities and the deployment of countermeasures.

Long term:

  • a European, common strategic approach for preventing and countering an emerging cybercrime activity in its early stage of development;
  • a European, common strategic approach for processing and combining huge amounts of data in the context of crowd protection in full compliance with applicable legislation on protection of personal data.