Enhancing Digital Security, Privacy and TRUST in softWARE

Informations projet

TRUST aWARE

N° de convention de subvention: 101021377

Site Web du projet

DOI

10.3030/101021377

Projet clôturé

Date de signature de la CE 21 Avril 2021

Date de début 1 Juin 2021

Date de fin 31 Mai 2024

Financé au titre de

Secure societies - Protecting freedom and security of Europe and its citizens

Coût total

€ 5 244 997,50

Contribution de l’UE

€ 4 645 031,25

4 645 031,25

599 966,25

Coordonné par

TREE TECHNOLOGY SA
Spain

CORDIS fournit des liens vers les livrables publics et les publications des projets HORIZON.

Les liens vers les livrables et les publications des projets du 7e PC, ainsi que les liens vers certains types de résultats spécifiques tels que les jeux de données et les logiciels, sont récupérés dynamiquement sur OpenAIRE .

Livrables

TRUST aWARE training program - v1

training program focusing on citizens on how to use the tools enabled by TRUST aWARE for enhancing privacy and cybersecurity protection

TRUST aWARE training program - v2

Training program focusing on citizens on how to use the tools enabled by TRUST aWARE for enhancing privacy and cybersecurity protection

MISP Training course

Webinar for explaining the use of MISP with its features and options. In addition, installation and required materials will be discussed during the training

TRUST aWARE DSPIA & guidelines on legal ecosystem - v2

the DSPIA guidelines in M18 will help the different stakeholders to identify and assure their digital SP legal compliance

Ethical Impact Assessment - v1

In month 6 the initial ethical requirements for the technology and tools are defined

Standards Analysis

Analysis of the relevant standards approved and ongoing in order to take them into account for the development of the TRUST aWARE ecosystem

Ethical Impact Assessment - v3

Measures of the in-depth analysis of ethical considerations are added in M24

KPIs and benchmark definition

This deliverable will define in further detail the KPIs and benchmarking methodology including baselines for the evaluation of new and improved tools produced by the project Key inherent limitations of benchmarking approaches will also be discussed

Piloting roadmap - v1

Report on how the experimentations in the pilots will be carried out in T15 It will describe in detail the piloting activities to be developed for the different pilots on each pilot round v1 due in M15

Dissemination, exploitation and communication plan and report - v3

Versions in M36 will summarise the activities carried out by the partners (second half).

Standardization engagement plan - v1

The report in month 18 will map ongoing standardization initiatives and offer a strategy for TRUST aWARE engagement with different SDOs

MISP Taxonomy

Defines a shared taxonomy to be implemented in a structured automated and governed exchange of indicators compromise related to cyber threats

Pilots assessment - v1

Compilation of procedures, highlights and conclusions of first (M24) pilot together with demonstration videos

Scientific & technical dissemination report - v2

Summary of activities, publications, summer schools and workshops carried out by the partners for second half (M36)

Standards Guidelines

Step-by-step procedure for developers to assist with compliance, including brief summary of relevant standards/regulations for non-legal readership

Pilots assessment - v2

Compilation of procedures, highlights and conclusions of second (M36) pilot together with demonstration videos

Certification report - v2

The report in month 36 will present the TRUST aWARE certification method

New features' specification designs - v1

Report of the design and requirements for the new features of the tools two releases for the first and second version respectively v1

Piloting roadmap - v2

Report on how the experimentations in the pilots will be carried out in T1.5. It will describe in detail the piloting activities to be developed for the different pilots, on each pilot round (v2 due in M27).

Cost-Benefit Analysis - v1

Initial report on costbenefit applying all socioeconomic indicators and their potential within the project and externally

TRUST aWARE DSPIA & guidelines on legal ecosystem - v1

The initial legal requirements for the technology and tools are defined

Socio-economic Indicators and Variables

Definition and exploration of indicatorsvariables to measure the socioeconomic impact of TRUST aWARE tools during evaluation activities

Dissemination, exploitation and communication plan and report - v2

Version in M18 will summarise the activities carried out by the partners first half

Stakeholders' engagement report - v2

Plan and report on its implementation including the business model, timing and rules of engagement, and details on the contents and the inputs provided during the discussions of the stakeholders’ and AB during the project - v2

Guidelines for organisations, DPAs and policy-makers

Report on practical guidelines for organisations, DPAs, and other relevant policy-makers to promote and implement user-friendly tools that lower S&P risks for individuals and SMEs

TRUST aWARE DSPIA & guidelines on legal ecosystem - v3

the DSPIA & guidelines in M30 will help the different stakeholders to identify and assure their digital S&P legal compliance

New features' specification designs - v2

Report of the design and requirements for the new features of the tools, two releases for the first and second version respectively - v2

Users' community engagement report - v1

Plan and report on its implementation including the details on inputs provided during the discussions with citizens groups v1

Certification report - v1

The report in month 18 will analyse available certification tools and methodologies and introduce the different stakeholders to the Europrivacy certification

Standardization engagement plan - v2

The report in M36 will report the standardisation contributions provided by TRUST aWARE

Scientific & technical dissemination report - v1

Summary of activities publications summer schools and workshops carried out by the partners for first half M18

Cost-Benefit Analysis - v2

Final reports on cost-benefit, applying all socio-economic indicators and their potential within the project and externally

Stakeholders' technology transfer report - v2

Summary of activities carried out by the partners for first second half (M36)

Users' community engagement report - v2

Plan and report on its implementation including the details on inputs provided during the discussions with citizens groups. v2

Stakeholders' technology transfer report - v1

Summary of activities carried out by the partners for first half (M18)

Ethical Impact Assessment - v2

In month 12 the report will add parameters by which to assess the ethical implications of the results

Dissemination, exploitation and communication plan and report - v1

First version in M06 will outline the plan

Stakeholders' engagement report - v1

Plan and report on its implementation including the business model timing and rules of engagement and details on the contents and the inputs provided during the discussions of the stakeholders and AB during the project v1

Cybersecurity and Privacy Dashboard - v1

Demo of dashboard and resultant suggested actions, plus accompanying report at M18 (v1)

Endpoint protection tools - v1

Prototype of the endpoint protection tools, and accompanying report documenting instruction for utilization; released at M18

Digital S&P Assessment Service (API) - v1

API publishing the capabilities of the DS&PA Lab, encapsulated as-a-service for usage by tools in WP3, WP4 and 3rd parties - v1

Endpoint protection tools - v2

Prototype of the endpoint protection tools, and accompanying report documenting instruction for utilization; updated at M30

Dynamic attack detection tool - V1

Consumers RDR prototype to demonstrate dynamic attack detection key capabilities in selected relevant use cases - V1

Cybersecurity and Privacy Dashboard - v2

Demo of dashboard and resultant suggested actions, plus accompanying report; updated at M30 (v2)

Dynamic attack detection tool - V2

Consumers RDR prototype to demonstrate dynamic attack detection key capabilities in selected relevant use cases - V2

Publications

What do fact checkers fact-check when?

Auteurs: Ribeiro, M. H., Zannettou, S., Goga, O., Benevenuto, F., & West, R
Publié dans: MEDIATE WORKSHOP 2022. Co-located with ICWSM, 2021
Éditeur: ---

Understanding the Privacy Risks of Popular Search Engine Advertising Systems

Auteurs: Chouaki, Salim and Goga, Oana and Haddadi, Hamed and Snyder, Peter
Publié dans: Proceedings of the 2023 ACM on Internet Measurement Conference, 2023, ISBN 9798400703829
Éditeur: ACM
DOI: 10.1145/3618257.3624823

From a user-centric co-creation process and assessment approach to a cyber literacy path: the TRUST aWARE pilot experience

Auteurs: Mazzucato, Annaleda; del Álamo Cienfuegos, Andres
Publié dans: Fourth Workshop of Technology Enhanced Learning Environments for Blended Education – The Italian e-Learning Conference (teleXbe), Numéro 2024, 2024
Éditeur: CEUR Workshop Proceedings
DOI: 10.3030/101021377

Marketing to Children Through Online Targeted Advertising: Targeting Mechanisms and Legal Aspects

Auteurs: Medjkoune, Tinhinane and Goga, Oana and Senechal, Juliette
Publié dans: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Numéro 2023, 2023, Page(s) 180–194, ISBN 9798400700507
Éditeur: Association for Computing Machinery
DOI: 10.1145/3576915.3623172

What News Do People Get on Social Media? Analyzing Exposure and Consumption of News through Data Donations

Auteurs: Chouaki, Salim and Chakraborty, Abhijnan and Goga, Oana and Zannettou, Savvas
Publié dans: Proceedings of the ACM on Web Conference 2024, Numéro 2024, 2024, Page(s) 2371–2382, ISBN 9798400701719
Éditeur: Association for Computing Machinery
DOI: 10.1145/3589334.3645399

Towards an extensible privacy analysis framework for Smart Homes

Auteurs: A. Girish, J. Tapiador, S. Matic, N. Vallina-Rodriguez
Publié dans: Proceedings of the 22nc ACM Internet Measurement Conference (IMC), 2022
Éditeur: ACM
DOI: 10.1145/3517745.3563023

Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

Auteurs: Pradeep, Amogh; Feal, Álvaro; Gamba, Julien; Rao, Ashwin; Lindorfer, Martina; Vallina-Rodriguez, Narseo; Choffnes, David
Publié dans: Proceedings on Privacy Enhancing Technologies 2023(1), Numéro 2023, 2023, Page(s) 29-46
Éditeur: PETS Symposium
DOI: 10.56553/popets-2023-0003

Exploring the Online Micro-targeting Practices of Small, Medium, and Large Businesses

Auteurs: S. Chouaki, I. Bouzenia, O. Goga, B. Rousillon
Publié dans: ACM Conference on Computer-Supported Cooperative Work and Social Computing, Numéro 6, 378, 2022, Page(s) 1-23
Éditeur: ACM
DOI: 10.1145/3555103

A Comparative Analysis of Certificate Pinning in Android & iOS

Auteurs: A. Pradeep, M.P. Paracha, P. Bhowmick, A. Davanian, A. Razaghpanah, T. Chung, M. Lindorfer, N. Vallina-Rodriguez, D. Levin, D. Choffnes
Publié dans: Proceedings of the 22nc ACM Internet Measurement Conference (IMC), 2022, Page(s) 605-618
Éditeur: ACM
DOI: 10.1145/3517745.3561439

In the Room Where It Happens: Characterizing Local Communication and Threats in Smart Homes

Auteurs: Girish, Aniketh and Hu, Tianrui and Prakash, Vijay and Dubois, Daniel J. and Matic, Srdjan and Huang, Danny Yuxing and Egelman, Serge and Reardon, Joel and Tapiador, Juan and Choffnes, David and Vallina-Rodriguez, Narseo
Publié dans: Proceedings of the 2023 ACM on Internet Measurement Conference, Numéro 2023, 2023, Page(s) 437–456, ISBN 9798400703829
Éditeur: ACM
DOI: 10.1145/3618257.3624830

understanding TLS usage in consumer IoT devices

Auteurs: Muhammad Talha Paracha; Daniel J. Dubois; Narseo Vallina-Rodriguez; David Choffnes
Publié dans: Proceedings of the 21st ACM Internet Measurement Conference (IMC), Numéro 2, 2021
Éditeur: ACM
DOI: 10.1145/3487552.3487830

Challenges in inferring privacy properties of smart devices:Towards scalable multi-vantage point testing methods

Auteurs: Girish, Aniketh and Prakash, Vijay and Egelman, Serge and Reardon, Joel and Tapiador, Juan and Huang, Danny Yuxing and Matic, Srdjan and Vallina-Rodriguez, Narseo
Publié dans: Proceedings of the 3rd International CoNEXT Student Workshop, Numéro 2022, 2022
Éditeur: ACM
DOI: 10.1145/3565477.3569148

Paying Attention to the Algorithm Behind the Curtain: Bringing Transparency to YouTube's Demonetization Algorithms

Auteurs: Arun Dunna; Katherine A. Keith; Ethan Zuckerman; Narseo Vallina-Rodriguez; Brendan O'Connor; Rishab Nithyanand
Publié dans: Proceedings of the ACM CSCW, Numéro 6, 2022
Éditeur: ACM
DOI: 10.1145/3555209

Ethics of Mediating Movement through Digital and Physical Borders

Auteurs: Z. Goldberg,T. Jacquemard, T.
Publié dans: Philosophy of Human-Technology Relations (PHTR2022), 2022
Éditeur: PHTR

Log: It’s Big, It’s Heavy, It’s Filled with Personal Data! Measuring the Logging of Sensitive Information in the Android Ecosystem

Auteurs: Allan Lyons and Julien Gamba and Austin Shawaga and Joel Reardon and Juan Tapiador and Serge Egelman and Narseo Vallina-Rodriguez
Publié dans: 32nd USENIX Security Symposium (USENIX Security 23), Numéro 2023, 2023, Page(s) 2115--2132, ISBN 978-1-939133-37-3
Éditeur: USENIX Association
DOI: 10.5555/3620237

Understanding engagement with U.S. (mis)information news sources on Facebook

Auteurs: Laura Edelson; Minh-Kha Nguyen; Ian Goldstein; Oana Goga; Damon McCoy; Tobias Lauinger
Publié dans: Internet Measurement Conference, Numéro 2, 2021
Éditeur: IMC
DOI: 10.1145/3487552.3487859

Chrowned by an Extension: Abusing the Chrome DevTools Protocol through the Debugger API

Auteurs: Moreno, José Miguel; Vallina-Rodriguez, Narseo; Tapiador, Juan
Publié dans: 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), Numéro 2023, 2023, Page(s) 832-846
Éditeur: IEEE Computer Society
DOI: 10.1109/eurosp57164.2023.00054

Mixed Signals: Analyzing Software Attribution Challenges in the Android Ecosystem

Auteurs: Hageman, Kaspar; Feal, Alvaro; Gamba, Julien; Girish, Aniketh; Bleier, Jakob; Lindorfer, Martina; Tapiador, Juan; Vallina-Rodriguez, Narseo
Publié dans: IEEE Transactions on Software Engineering, Numéro Volume 49, Numéro 4, 2023, Page(s) 2964–2979, ISSN 0098-5589
Éditeur: Institute of Electrical and Electronics Engineers
DOI: 10.1109/tse.2023.3236582

Mules and permission laundering in android: Dissecting custom permissions in the wild

Auteurs: Gamba, Julien and Feal, Álvaro and Blazquez, Eduardo and Bandara, Vinuri and Razaghpanah, Abbas and Tapiador, Juan and Vallina-Rodriguez, Narseo
Publié dans: IEEE Transactions on Dependable and Secure Computing, 2023, Page(s) 1-18, ISSN 1941-0018
Éditeur: IEEE
DOI: 10.1109/tdsc.2023.3288981

An analysis of fake social media engagement services

Auteurs: Nevado-Catalan, David and Pastrana, Sergio and Vallina-Rodriguez, Narseo and Tapiador, Juan
Publié dans: Comput. Secur., Numéro 124-C, 2023, ISSN 0167-4048
Éditeur: Pergamon Press Ltd.
DOI: 10.1016/j.cose.2022.103013

Kunai: A static analysis framework for Android apps

Auteurs: Eduardo Blazquez, Juan Tapiador
Publié dans: SoftwareX, 2023, ISSN 2352-7110
Éditeur: Elsevier
DOI: 10.1016/j.softx.2023.101370

Recherche de données OpenAIRE...

Livrables

Publications

Partager cette page Partager cette page sur les réseaux sociaux

Télécharger Télécharger le contenu de la page