Enhancing Digital Security, Privacy and TRUST in softWARE

Deliverables

training program focusing on citizens on how to use the tools enabled by TRUST aWARE for enhancing privacy and cybersecurity protection

TRUST aWARE training program - v2

Training program focusing on citizens on how to use the tools enabled by TRUST aWARE for enhancing privacy and cybersecurity protection

MISP Training course

Webinar for explaining the use of MISP with its features and options. In addition, installation and required materials will be discussed during the training

TRUST aWARE DSPIA & guidelines on legal ecosystem - v2

the DSPIA guidelines in M18 will help the different stakeholders to identify and assure their digital SP legal compliance

Ethical Impact Assessment - v1

In month 6 the initial ethical requirements for the technology and tools are defined

Standards Analysis

Analysis of the relevant standards approved and ongoing in order to take them into account for the development of the TRUST aWARE ecosystem

Ethical Impact Assessment - v3

Measures of the in-depth analysis of ethical considerations are added in M24

KPIs and benchmark definition

This deliverable will define in further detail the KPIs and benchmarking methodology including baselines for the evaluation of new and improved tools produced by the project Key inherent limitations of benchmarking approaches will also be discussed

Piloting roadmap - v1

Report on how the experimentations in the pilots will be carried out in T15 It will describe in detail the piloting activities to be developed for the different pilots on each pilot round v1 due in M15

Dissemination, exploitation and communication plan and report - v3

Versions in M36 will summarise the activities carried out by the partners (second half).

Standardization engagement plan - v1

The report in month 18 will map ongoing standardization initiatives and offer a strategy for TRUST aWARE engagement with different SDOs

MISP Taxonomy

Defines a shared taxonomy to be implemented in a structured automated and governed exchange of indicators compromise related to cyber threats

Pilots assessment - v1

Compilation of procedures, highlights and conclusions of first (M24) pilot together with demonstration videos

Scientific & technical dissemination report - v2

Summary of activities, publications, summer schools and workshops carried out by the partners for second half (M36)

Standards Guidelines

Step-by-step procedure for developers to assist with compliance, including brief summary of relevant standards/regulations for non-legal readership

Pilots assessment - v2

Compilation of procedures, highlights and conclusions of second (M36) pilot together with demonstration videos

Certification report - v2

The report in month 36 will present the TRUST aWARE certification method

New features' specification designs - v1

Report of the design and requirements for the new features of the tools two releases for the first and second version respectively v1

Piloting roadmap - v2

Report on how the experimentations in the pilots will be carried out in T1.5. It will describe in detail the piloting activities to be developed for the different pilots, on each pilot round (v2 due in M27).

Cost-Benefit Analysis - v1

Initial report on costbenefit applying all socioeconomic indicators and their potential within the project and externally

TRUST aWARE DSPIA & guidelines on legal ecosystem - v1

The initial legal requirements for the technology and tools are defined

Socio-economic Indicators and Variables

Definition and exploration of indicatorsvariables to measure the socioeconomic impact of TRUST aWARE tools during evaluation activities

Dissemination, exploitation and communication plan and report - v2

Version in M18 will summarise the activities carried out by the partners first half

Stakeholders' engagement report - v2

Plan and report on its implementation including the business model, timing and rules of engagement, and details on the contents and the inputs provided during the discussions of the stakeholders’ and AB during the project - v2

Guidelines for organisations, DPAs and policy-makers

Report on practical guidelines for organisations, DPAs, and other relevant policy-makers to promote and implement user-friendly tools that lower S&P risks for individuals and SMEs

TRUST aWARE DSPIA & guidelines on legal ecosystem - v3

the DSPIA & guidelines in M30 will help the different stakeholders to identify and assure their digital S&P legal compliance

New features' specification designs - v2

Report of the design and requirements for the new features of the tools, two releases for the first and second version respectively - v2

Users' community engagement report - v1

Plan and report on its implementation including the details on inputs provided during the discussions with citizens groups v1

Certification report - v1

The report in month 18 will analyse available certification tools and methodologies and introduce the different stakeholders to the Europrivacy certification

Standardization engagement plan - v2

The report in M36 will report the standardisation contributions provided by TRUST aWARE

Scientific & technical dissemination report - v1

Summary of activities publications summer schools and workshops carried out by the partners for first half M18

Cost-Benefit Analysis - v2

Final reports on cost-benefit, applying all socio-economic indicators and their potential within the project and externally

Stakeholders' technology transfer report - v2

Summary of activities carried out by the partners for first second half (M36)

Users' community engagement report - v2

Plan and report on its implementation including the details on inputs provided during the discussions with citizens groups. v2

Stakeholders' technology transfer report - v1

Summary of activities carried out by the partners for first half (M18)

Ethical Impact Assessment - v2

In month 12 the report will add parameters by which to assess the ethical implications of the results

Dissemination, exploitation and communication plan and report - v1

First version in M06 will outline the plan

Stakeholders' engagement report - v1

Plan and report on its implementation including the business model timing and rules of engagement and details on the contents and the inputs provided during the discussions of the stakeholders and AB during the project v1

Cybersecurity and Privacy Dashboard - v1

Demo of dashboard and resultant suggested actions, plus accompanying report at M18 (v1)

Endpoint protection tools - v1

Prototype of the endpoint protection tools, and accompanying report documenting instruction for utilization; released at M18

Digital S&P Assessment Service (API) - v1

API publishing the capabilities of the DS&PA Lab, encapsulated as-a-service for usage by tools in WP3, WP4 and 3rd parties - v1

Endpoint protection tools - v2

Prototype of the endpoint protection tools, and accompanying report documenting instruction for utilization; updated at M30

Dynamic attack detection tool - V1

Consumers RDR prototype to demonstrate dynamic attack detection key capabilities in selected relevant use cases - V1

Cybersecurity and Privacy Dashboard - v2

Demo of dashboard and resultant suggested actions, plus accompanying report; updated at M30 (v2)

Dynamic attack detection tool - V2

Consumers RDR prototype to demonstrate dynamic attack detection key capabilities in selected relevant use cases - V2

Publications

What do fact checkers fact-check when?

Author(s): Ribeiro, M. H., Zannettou, S., Goga, O., Benevenuto, F., & West, R
Published in: MEDIATE WORKSHOP 2022. Co-located with ICWSM, 2021
Publisher: ---

Understanding the Privacy Risks of Popular Search Engine Advertising Systems

Author(s): Chouaki, Salim and Goga, Oana and Haddadi, Hamed and Snyder, Peter
Published in: Proceedings of the 2023 ACM on Internet Measurement Conference, 2023, ISBN 9798400703829
Publisher: ACM
DOI: 10.1145/3618257.3624823

From a user-centric co-creation process and assessment approach to a cyber literacy path: the TRUST aWARE pilot experience

Author(s): Mazzucato, Annaleda; del Álamo Cienfuegos, Andres
Published in: Fourth Workshop of Technology Enhanced Learning Environments for Blended Education – The Italian e-Learning Conference (teleXbe), Issue 2024, 2024
Publisher: CEUR Workshop Proceedings
DOI: 10.3030/101021377

Marketing to Children Through Online Targeted Advertising: Targeting Mechanisms and Legal Aspects

Author(s): Medjkoune, Tinhinane and Goga, Oana and Senechal, Juliette
Published in: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Issue 2023, 2023, Page(s) 180–194, ISBN 9798400700507
Publisher: Association for Computing Machinery
DOI: 10.1145/3576915.3623172

What News Do People Get on Social Media? Analyzing Exposure and Consumption of News through Data Donations

Author(s): Chouaki, Salim and Chakraborty, Abhijnan and Goga, Oana and Zannettou, Savvas
Published in: Proceedings of the ACM on Web Conference 2024, Issue 2024, 2024, Page(s) 2371–2382, ISBN 9798400701719
Publisher: Association for Computing Machinery
DOI: 10.1145/3589334.3645399

Towards an extensible privacy analysis framework for Smart Homes

Author(s): A. Girish, J. Tapiador, S. Matic, N. Vallina-Rodriguez
Published in: Proceedings of the 22nc ACM Internet Measurement Conference (IMC), 2022
Publisher: ACM
DOI: 10.1145/3517745.3563023

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Author(s): Pradeep, Amogh; Feal, Álvaro; Gamba, Julien; Rao, Ashwin; Lindorfer, Martina; Vallina-Rodriguez, Narseo; Choffnes, David
Published in: Proceedings on Privacy Enhancing Technologies 2023(1), Issue 2023, 2023, Page(s) 29-46
Publisher: PETS Symposium
DOI: 10.56553/popets-2023-0003

Exploring the Online Micro-targeting Practices of Small, Medium, and Large Businesses

Author(s): S. Chouaki, I. Bouzenia, O. Goga, B. Rousillon
Published in: ACM Conference on Computer-Supported Cooperative Work and Social Computing, Issue 6, 378, 2022, Page(s) 1-23
Publisher: ACM
DOI: 10.1145/3555103

A Comparative Analysis of Certificate Pinning in Android & iOS

Author(s): A. Pradeep, M.P. Paracha, P. Bhowmick, A. Davanian, A. Razaghpanah, T. Chung, M. Lindorfer, N. Vallina-Rodriguez, D. Levin, D. Choffnes
Published in: Proceedings of the 22nc ACM Internet Measurement Conference (IMC), 2022, Page(s) 605-618
Publisher: ACM
DOI: 10.1145/3517745.3561439

In the Room Where It Happens: Characterizing Local Communication and Threats in Smart Homes

Author(s): Girish, Aniketh and Hu, Tianrui and Prakash, Vijay and Dubois, Daniel J. and Matic, Srdjan and Huang, Danny Yuxing and Egelman, Serge and Reardon, Joel and Tapiador, Juan and Choffnes, David and Vallina-Rodriguez, Narseo
Published in: Proceedings of the 2023 ACM on Internet Measurement Conference, Issue 2023, 2023, Page(s) 437–456, ISBN 9798400703829
Publisher: ACM
DOI: 10.1145/3618257.3624830

understanding TLS usage in consumer IoT devices

Author(s): Muhammad Talha Paracha; Daniel J. Dubois; Narseo Vallina-Rodriguez; David Choffnes
Published in: Proceedings of the 21st ACM Internet Measurement Conference (IMC), Issue 2, 2021
Publisher: ACM
DOI: 10.1145/3487552.3487830

Challenges in inferring privacy properties of smart devices:Towards scalable multi-vantage point testing methods

Author(s): Girish, Aniketh and Prakash, Vijay and Egelman, Serge and Reardon, Joel and Tapiador, Juan and Huang, Danny Yuxing and Matic, Srdjan and Vallina-Rodriguez, Narseo
Published in: Proceedings of the 3rd International CoNEXT Student Workshop, Issue 2022, 2022
Publisher: ACM
DOI: 10.1145/3565477.3569148

Paying Attention to the Algorithm Behind the Curtain: Bringing Transparency to YouTube's Demonetization Algorithms

Author(s): Arun Dunna; Katherine A. Keith; Ethan Zuckerman; Narseo Vallina-Rodriguez; Brendan O'Connor; Rishab Nithyanand
Published in: Proceedings of the ACM CSCW, Issue 6, 2022
Publisher: ACM
DOI: 10.1145/3555209

Ethics of Mediating Movement through Digital and Physical Borders

Author(s): Z. Goldberg,T. Jacquemard, T.
Published in: Philosophy of Human-Technology Relations (PHTR2022), 2022
Publisher: PHTR

Log: It’s Big, It’s Heavy, It’s Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android Ecosystem

Author(s): Allan Lyons and Julien Gamba and Austin Shawaga and Joel Reardon and Juan Tapiador and Serge Egelman and Narseo Vallina-Rodriguez
Published in: 32nd USENIX Security Symposium (USENIX Security 23), Issue 2023, 2023, Page(s) 2115--2132, ISBN 978-1-939133-37-3
Publisher: USENIX Association
DOI: 10.5555/3620237

Understanding engagement with U.S. (mis)information news sources on Facebook

Author(s): Laura Edelson; Minh-Kha Nguyen; Ian Goldstein; Oana Goga; Damon McCoy; Tobias Lauinger
Published in: Internet Measurement Conference, Issue 2, 2021
Publisher: IMC
DOI: 10.1145/3487552.3487859

Chrowned by an Extension: Abusing the Chrome DevTools Protocol through the Debugger API

Author(s): Moreno, José Miguel; Vallina-Rodriguez, Narseo; Tapiador, Juan
Published in: 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), Issue 2023, 2023, Page(s) 832-846
Publisher: IEEE Computer Society
DOI: 10.1109/eurosp57164.2023.00054

Mixed Signals: Analyzing Software Attribution Challenges in the Android Ecosystem

Author(s): Hageman, Kaspar; Feal, Alvaro; Gamba, Julien; Girish, Aniketh; Bleier, Jakob; Lindorfer, Martina; Tapiador, Juan; Vallina-Rodriguez, Narseo
Published in: IEEE Transactions on Software Engineering, Issue Volume 49, Issue 4, 2023, Page(s) 2964–2979, ISSN 0098-5589
Publisher: Institute of Electrical and Electronics Engineers
DOI: 10.1109/tse.2023.3236582

Mules and permission laundering in android: Dissecting custom permissions in the wild

Author(s): Gamba, Julien and Feal, Álvaro and Blazquez, Eduardo and Bandara, Vinuri and Razaghpanah, Abbas and Tapiador, Juan and Vallina-Rodriguez, Narseo
Published in: IEEE Transactions on Dependable and Secure Computing, 2023, Page(s) 1-18, ISSN 1941-0018
Publisher: IEEE
DOI: 10.1109/tdsc.2023.3288981

An analysis of fake social media engagement services

Author(s): Nevado-Catalan, David and Pastrana, Sergio and Vallina-Rodriguez, Narseo and Tapiador, Juan
Published in: Comput. Secur., Issue 124-C, 2023, ISSN 0167-4048
Publisher: Pergamon Press Ltd.
DOI: 10.1016/j.cose.2022.103013

Kunai: A static analysis framework for Android apps

Author(s): Eduardo Blazquez, Juan Tapiador
Published in: SoftwareX, 2023, ISSN 2352-7110
Publisher: Elsevier
DOI: 10.1016/j.softx.2023.101370

Deliverables

Publications

Share this page Share this page on social networks

Download Download the content of the page