The STOP-IT project
STOP-IT focuses on the strategic, tactical and operational protection of critical water infrastructures
against physical and cyber threats
Pleace click on the pictures to read our news
STOP-IT tools to detect a cyber attack
Real-Time Anomaly Detector (RTAD)
Real time anomaly detection on cyber-physical infrastructures using machine learning and signature-based detection of abnormal behaviours within the network. It provides an additional layer of security by detecting potential threats from the logs of the system. The tool is composed of three main components: a security Big Data platform, machine learning algorithms, and signature-based rules. You will find more information about the RTAD under Key Exploitable Results here.
The Real Time Anomaly Detector
Cross Layer Security Information and Event Management (XL-SIEM)
This tool receives events coming from different sources to generate correlated alarms that indicate the risk level, and detailed information about the event (description, IP source and destination, Port source and destination, Protocols). The tool can perform automatic countermeasures or generate tickets for further investigation. It provides enhanced capabilities to address storage limitations, correlation, performance and visualization issues, enabling a reduced reaction time. It is part of the STOP-IT platform. You will find more information about the XL-SIEM under Key Exploitable Results here.
XL-SIEM High Level Architecture
Network Traffic Sensors and Analysers (NTSA)
It incorporates five categories of sensors able to identify different malicious patterns such as TTL-based attacks, brute force attacks, DNS answer attacks, time-based attacks, and domain-based attacks. The Network Traffic Sensors and Analysers go one step beyond of traditional anomaly detection systems based on pattern and regular expressions analysis, by using well-known machine learning mechanisms: One-class Support Vector Machine (One-class SVM) to identify abnormal behaviour in the traffic capture based on a multi-featured approach that restricts the analysis to a modelled IP address and extended in terms of samples (valid and invalid ones). Read more about NTSA here.
„The water sector of the future will be smart: the intelligent integration and analysis of data from different sources will continuously create new opportunities, but also increase system vulnerability facilitated by the ever-changing landscapes of the digital world. The STOP-IT integrated platform aims to make water systems secure and resilient by improving preparedness, awareness and response level to physical, cyber threats, and their combination! I am looking forward to work with such an amazing, motivated and inspiring project consortium and I am optimistic that together we will be able to protect water infrastructure and ensure a safer, smarter, and more efficient water service to everyone.“
~ Rita Ugarelli (STOP-IT coordinator, SINTEF Norway)
„Cyber security should be the concern of every water network operator, not only security nerds!“
~Martin Gilje Jaatun (Security officer and WP10 leader, SINTEF Norway)
„Researchers, scientists, developers and manufacturers from all across Europe are working together in order to make water infrastructure safer for all of us and I am excited to work with such a diverse and professional team.“
~ Lisa Zimmermann (Scientific Journalist, IWW Germany)
„Participation in the STOP-IT project not only reaffirms Cetaqua’s commitment to the research towards better protection of water infrastructures, but also represents a great opportunity to work together with Europe’s leading experts.“
~ Enric Bonet (WP3 leader, Cetaqua Spain)
„Demosthenes said: ‚Small opportunities are often the beginning of great enterprises‘. In the STOP-IT project we have a huge opportunity to produce great research outcomes targeting to the holistic protection of the water infrastructures against physical and cyber threats.“
~Prof. Anastasios Doulamis (WP7 leader, ICCS Greece)