Water infrastructures are essential for human society, life and health. They can be endangered by physical or cyber threats with severe societal consequences.
To protect them, STOP-IT brings together a strong team of 23 partners from all across Europe and Israel to develop solutions to the most pressing threats.
The team identifies risks and co-develops an all-hazards risk management framework for the physical and cyber protection of critical water infrastructures.
Project News
Pleace click on the pictures to read our news
Featured Innovation
STOP-IT tools to detect a cyber attack
Real-Time Anomaly Detector (RTAD)
Real time anomaly detection on cyber-physical infrastructures using machine learning and signature-based detection of abnormal behaviours within the network. It provides an additional layer of security by detecting potential threats from the logs of the system. The tool is composed of three main components: a security Big Data platform, machine learning algorithms, and signature-based rules. You will find more information about the RTAD under Key Exploitable Results here.

The Real Time Anomaly Detector
Cross Layer Security Information and Event Management (XL-SIEM)
This tool receives events coming from different sources to generate correlated alarms that indicate the risk level, and detailed information about the event (description, IP source and destination, Port source and destination, Protocols). The tool can perform automatic countermeasures or generate tickets for further investigation. It provides enhanced capabilities to address storage limitations, correlation, performance and visualization issues, enabling a reduced reaction time. It is part of the STOP-IT platform. You will find more information about the XL-SIEM under Key Exploitable Results here.

XL-SIEM High Level Architecture
Network Traffic Sensors and Analysers (NTSA)
It incorporates five categories of sensors able to identify different malicious patterns such as TTL-based attacks, brute force attacks, DNS answer attacks, time-based attacks, and domain-based attacks. The Network Traffic Sensors and Analysers go one step beyond of traditional anomaly detection systems based on pattern and regular expressions analysis, by using well-known machine learning mechanisms: One-class Support Vector Machine (One-class SVM) to identify abnormal behaviour in the traffic capture based on a multi-featured approach that restricts the analysis to a modelled IP address and extended in terms of samples (valid and invalid ones). Read more about NTSA here.

NTSA Architecture
Find more of our tools explained at our Youtube-Channel.
By clicking HERE you will find older featured innovations.