Systems still suffer from vulnerabilities, despite the many active or passive defenses in place that have been developed in the last few decades.
ReAct performs state-of-the-art research in order (i) to respond to early signals of cyber attacks, (ii) to build expertise in experimental cyber security, and (iii) to contribute to European Digital Sovereignty. - Evangelos Markatos, ReAct Project Coordinator
ReAct (REactively Defending against Advanced Cybersecurity Threats) is an H2020 project, which started last June 2018 and will run until May 2021. The project develops state-of-the-art research along with proof-of-concept tools that (i) expose cybersecurity vulnerabilities in modern applications, and (ii) help patch these vulnerabilities so that computing devices can be safer to use. These proof-of-concept tools have been based on state-of-the-art fuzzing approaches and advanced vulnerability discovery techniques. The ReAct project provides not only reactive cyber security solutions, but also has proactive dimensions that can help enterprises identify those elements in their system that are more likely to be targeted by cyber attackers such that their security issues can be fixed before the real attack happens.
ReAct researchers have developed fuzzing tools and methodologies that expose security vulnerabilities both in software and in hardware systems. Their participation in bug bounty programs has exposed new transient execution vulnerabilities in Intel CPUs which have already led to several security patches being deployed worldwide, while other fixes are still forthcoming. (https://www.vusec.net/projects/crosstalk/)
Along the same axis, similar research can be deployed in other everyday software and hardware products.
ReAct contributes in building scientific expertise in the area of systems security in Europe. This, in turn, contributes to the creation of a generation of highly-skilled engineers and researchers in the area of cybersecurity who can staff the European industry and contribute towards European Digital Sovereignty.
To find out more visit the ReAct minisite.
If you missed the webinar last 29 October on “Effective protection on Critical Infrastructures against cyber threats”, watch it again and download the ReAct presentation here.