Cybercrime is a major risk to countries all over the world, including those situated in the European Union. It is a major threat to the security of citizens, privacy, democracy and the economy. By 2021, cybercrime is expected to cost the world around $1 trillion per year. Already this year, ransomware attacks alone cost us $5 billion, a massive increase compared to the $325 million figure of two years ago. This is supported by a recent study of 237 companies in six countries by Ponemon Institute which revealed the severe reputational and financial consequences of cybercrime. In particular companies lose $9M, on average, each year due to cybercrime. Against the backdrop of this rapid growth in costly cyberattacks, IBM’s CEO Ginni Rometty states: “cybercrime, by definition, is the greatest threat to every profession, every industry, every company in the world.” To counter this ever evolving digital threat, collective efforts are necessary to bring together industry leaders and develop innovative solutions. That’s exactly why the SHIELD project was launched.
What is SHIELD?
SHIELD is a project which focuses on providing security and building protection in the face of cyberthreats and network intruders. To that end, the project is pursuing a universal solution which can be applied to the networks of Internet service providers (ISPs) and corporations. It aims to produce a solution that allows network operators to easily create and deploy virtual security infrastructures which take advantage of the latest innovations and technologies in network security and, in particular, the Network Function Virtualisation paradigm.
It was launched on September, 2016 and will run for 30 months until it concludes on February, 2019. This project tackles a primary concern of the European commission, who recently highlighted the importance of understanding the causes of cyberthreats, as well as developing solutions and foresight tools to improve the competitiveness of the European cybersecurity industry and services. SHIELD was therefore selected among other proposals to receive substantial funding from the European Union’s Horizon 2020 research and innovation programme. This helped form a total budget of €4,5M (€4.552.060,69), of which the EU contributed €3,6M (€3.607.245).
Technology used in the SHIELD project
The main goal of SHIELD is to provide virtual security infrastructures based on virtualized network security functions (vNSF). To achieves this, SHIELD project leverages a combination of Network Functions Virtualisation (NFV), Security-as- a-Service (SecaaS), Big Data Analytics and Trusted Computing (TC) technologies.
To go into more detail, SHIELD takes advantage of NFV to turn security appliances into virtual Network Security Functions. These vNSFs are instantiated within a network infrastructure in order to monitor and filter network traffic in a distributed manner. The resulting metrics, logs and data are recorded and then analyzed by a data analysis and remediation engine (DARE), the brain of the solution.
Using this process, SHIELD can reveal specific vulnerabilities, predict potential attacks and offer greater security to services running within the network. This not only allows ISPs to increase the security of their infrastructure, but it also offers network security and visibility to their customers through a security-as-a-service model. In other words, ISP customers will be able to easily select and deploy various virtual security functions such as firewalls, DPIs, content filters and more from a “vNSF Store” in order to secure their infrastructure.
The SHIELD team
In order to make this innovative network security solution a reality, the SHIELD project relies on a heterogenous group of 12 industry, academic and research leaders from all over Europe, each a specialist in their field. In consolidating the knowledge, expertise and technology of these diverse organizations, SHIELD has created the perfect environment to foster innovation. This environment has facilitated the development of the next-generation of virtual security infrastructure that will keep Europeans safe from cybercrime. The partners collaborating on this project include following organisations:
- Hewlett Packard Labs (UK),
- Telefónica (ESP),
- Talaia (ESP),
- i2Cat (ESP),
- AgID (ITA),
- Politecnico di Torino (ITA),
- Space Hellas (GRC),
- Infili (GRC),
- NCSRD (GRC),
- Orion (GRC),
- Ubiwhere (POR),
- Incites (LUX)
Talaia - Working side by side with HPE & Telefónica
To complement the technology and solutions developed by Hewlett Packard Labs, Telefonica and other project leaders, Talaia is sharing its expertise on network visibility and security solutions. Among other contributions, Talaia is integrating their advanced anomaly detection system into the SHIELD framework which is based on Apache Spot. In particular, although the platform will be open for future integrations, Talaias’ engine would be the only commercial detection engine included in the SHIELD framework. Talaia’s engine will sit alongside an open-source anomaly detection component developed by Infili, to make up the DARE (Data Analysis and Remediation Engine). As an innovative company that prides itself on continuous research and collaborations with industry and research leaders, Talaia is looking to include cutting-edge technologies developed within SHIELD projects into future versions of their products.
At the start of the project, the focus was on fostering collaboration between the different project partners as well as other experts, leaders and influencers in the field. For that reason, SHIELD presented the project and technology at major conferences and events related to IoT security, cybersecurity, Big Data, NFV and SDN. SHIELD attended events all over Europe such as the MPLS+NFV+SDN World Congress in France; the IEEE NetSoft 2017 conference in Italy; the ETSI NFV-SEC meeting in Spain and the IEEE NFV-SDN conference in Germany.
Today, one year after the project launch, SHIELD has already a developed functional architecture and the initial vNSFs and detection algorithms. Additionally, it has become part of the ETSI NFV 001 v1.2.1 standard as a use case for SecaaS (Security as a Service). Finally, as the project was ready to showcase a first demo of the new platform prototype, it presented the prototype at the ENISA workshop “Bonding EU Cyber Threat Intelligence” at the end of October this year.
With about 1.5 years of the full project still remaining, the months ahead are sure to bring even more news as the SHIELD platform evolves. So if you’re looking to stay up-to-date on the latest developments from the SHIELD project, make sure to follow Shield (@shield_h2020) and Talaia (@talaianetworks) on Twitter.
Are you ready to take Talaia’s network visibility SaaS for a testdrive? Then start our free 14-day trial now:
SHIELD - A universal security infrastructure for ISPs and corporate networks using NFV-enabled technologies
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 700199