Project Specific Grants / Reserved topic scholarships 2015 - 2nd call

1 - Risk metrics for vulnerabilities (with research fellowship)

This topic is devoted to the research and training in the design, development and validation of cyber-security risk assessment methodology and practical security risk metrics for critical infrastructures. It will also include the design, implementation of empirical validation procedures and experiments to validate risk and security methodology based on a sufficiently representative dataset of vulnerabilities and exploits.
Contact: bruno.crispo [at] unitn.it

fabio.massacci [at] unitn.it ()

2 - Attack vectors & cyber-threats (with research fellowship)

Aim of this topic is the design of  methods that support cyber-security operations by improving the predictive analysis of cyber-attacks,  the resilience of systems and their ability to predict, detect and respond to evolving cyber-attacks. Aim of this topic is also the design of new technique to
identify, assess and quantify new classes of vulnerabilities, cyber threats and attack vectors targeting critical infrastructures.
Contact: bruno.crispo [at] unitn.it

fabio.massacci [at] unitn.it ()
 

3 - Cyber security, in particular technologies for dynamic threat assessment and prediction as well as in risk aware usage control (without scholarship)

Goal of this topic is the definition of a set of techniques and tools for the specification and monitoring of allowed data sharing in distributed organizations. The usage control policies can be related to the risk level computed by means of several factors. The tools developed will be also used for information sharing techniques related to cyber-crime prevention and forensics aspects of data management aligned to the European cyber-security directive and associated EU policies and regulatory requirements and recommendations.
Contact: bruno.crispo [at] unitn.it

fabio.massacci [at] unitn.it ()

4 - Cyber security, in particular technologies for risk assessment and for cyber-insurance (without scholarship)

The objective of this topic is to develop a methodology for risk assessment of an insured company. This should be a quantitative methodology, taking into account structure of the insured company, implemented security practices and addressed standards. The solution should also deal with moral hazard problem and propose solution to reduce information asymmetry. Finally, the risk reported to the insuring company should take into account interdependence of security and risk. .
Contact: bruno.crispo [at] unitn.it

fabio.massacci [at] unitn.it ()