Hristo Koshutanski
Hristo Koshutanski  
   
Research Doctorate in Information and Communication Technologies (2005)

MSc in Mathematics specialisation Computer Science (2001)
Intro Research Projects Publications CV (on demand)
 
Projects
 
  Current Projects
 
  Past Projects
 
 
Projects currently involved

  • EU H2020 ELECTRON - rEsilient and seLf-healed EleCTRical pOwer Nanogrid. (Duration: October 2021 - September 2024)
     
    • Technical project manager for Atos Research & Innovation.
    • Involved in coordination of work package 4 on Next Generation EPES Cyber-defence & Protection, and coordination of ARI's work and activities in the project. Extension of ARI's assets XL-SIEM and LADS to detection of anomalies and intrusions on OT protocols (Modbus, IEC-104, and DNP3), but also extended visibility and detection of APT and integration with cyber threat inteligence solutions.
  • EU H2020 SDN-microSENSE - SDN - microgrid reSilient Electrical eNergy SystEm. (Duration: May 2019 - April 2022)
     
    • Technical project manager for Atos Research & Innovation.
    • Joined the project in September 2021.
    • Involved in coordination of ARI's assets of Lightweight Anomaly Detection and XL-SIEM in deployment, validation and demonstration activities in the project's use cases. A number of attack scenarios have been defined for each use case ranging from False data injection, Man-in-the-middle, Information leakage to Unauthorised access and DoS, and covering OT protocols such as Modbus, IEC-104, and DNP3.
 
Projects involved in the past

  • EU H2020 THREAT-ARREST - Cyber Security Threats and Threat Actors Training - Assurance Driven Multi-Layer, end-to-end Simulation and Training. (Duration: September 2018 - August 2021)
     
    • Cybersecurity research engineer & technical project manager, Atos Research & Innovation.
    • Involved in cyber-range platform architecture and integration through orchestration of cyber-system simulation, cyber-system emulation, data fabrication, serious games, and security assurance (refer to publications [1][18][19]).
  • EU H2020 SerIoT - Secure and Safe Internet of Things. (Duration: January 2018 - April 2021)
     
    • Cybersecurity research engineer & technical project manager, Atos Research & Innovation.
    • Involved in IoT security, threat analysis and anomaly detection. IoT system architecture.
  • EU H2020 FINSEC - Integrated Framework for Predictive and Collaborative Security of Financial Infrastructures. (Duration: May 2018 - April 2021)
     
    • Technical project manager, Atos Research & Innovation.
    • Joined the project in April 2020. Involved in coordination of work package 4 activities regarding FINSEC Security Toolbox Integration and Customization. The FINSEC toolbox includes, among other tools, Atos ARI CS's assets XL-SIEM, Risk Assessment Engine, and Vulnerability Assessment and Pentesting.
  • EU H2020 YAKSHA - Cybersecurity Awareness and Knowledge Systemic High-level Application. (Duration: January 2018 - December 2020)
     
    • Cybersecurity research engineer & technical project manager, Atos Research & Innovation.
    • Involved in sandbox-based malware data collection and behaviour analysis using machine learning. Designed and coordinated the development of a correlation module able to derive malware clustering across Windows and Linux based malware samples based on system call traces produced by malware executions in the Cuckoo sandbox environment. We adopted Malheur as the underlying machine learning engine for clustering, and extended the Cuckoo-to-MIST translation to work with latest version of Cuckoo and full set of Windows and Linux system calls.
  • EU FP7 MyWay - European Smart Mobility Resource Manager. (Duration: October 2013 - February 2016)
     
    • Member of the project advisory board on security and privacy regarding implementation and delivery of personalised services for sustainable, smart mobility.
  • EU FP7 CUMULUS - Certification Infrastructure for Multi-layer Cloud Services. (Duration: October 2012 - September 2015)
     
    • Postdoctoral researcher.
    • Involved in security certification for cloud computing and resource virtualisation based on TPM cryptographic hardware, virtual TPM and deep attestation services (refer to publications [20][14]).
    • Involved in the specification of an engineering process and methodology fostering security-by-design during cloud applications engineering with a special focus on certification-aware requirements specification to guarantee level of security assurance when systems have to communicate with certified Cloud services. The engineering process is driven by security knowledge representation defined by several structured models and corresponding security artefacts. Refer to project deliverable D4.3 and publication [20].
  • EU FP7 SUPERHUB - SUstainable and PERsuasive Human Users moBility in future cities. (Duration: October 2011 - September 2014)
     
    • External independent ethics advisor with a special focus on privacy and data protection.
    • Provided 3 annual reports on project's system compliance with national and European regulations.
    • https://www.facebook.com/superhubproject/
  • EU FP7 ASSERT4SOA - Advanced Security Service cERTificate for SOA. (Duration: October 2010 - September 2013)
     
    • Postdoctoral researcher.
    • Involved in developing a language for representing security certificates of services in a structured, machine-processable manner (refer to publications [4,22]), and a concept of a certificate profile facilitating certificate processability and comparability in conformance to certification criteria (refer to publication [21]).
  • DESEOS - Dispositivos Electrónicos Seguros para la Educación, Ocio y Socialización ("Secure electronic devices for education, entertainment and socialization", funded by the regional government of Andalucía; Duration: January 2009 - September 2012).
     
    • Postdoctoral researcher.
    • Involved in designing a security solution for an application of Ambient Assisted Living supporting school activities during hospitalisation (refer to publications [3,6,25]).
  • ConTur - Plataforma para la Gestión Inteligente de Contenidos en el Ámbito del Turismo ("A Platform for Intelligent Content Management in the Field of Tourism", Spanish national-level project; Duration: June 2009 - March 2012).
     
    • Funded by the Spanish Ministry of Industry, Energy and Tourism.
    • Postdoctoral researcher.
    • Involved in developing an identity and authorisation management framework for provisioning of federated touristic content and services. Identity management is based on single sign-on and realised by means of SAML standard with support for user authentication based on username/password and X.509 certificates (such as Spain FNMT certificates). Authorisation is based on RBAC with SAML authorisation assertions to facilitate access to federated services. Refer to publications [13,24].
  • EU FP7 OKKAM - Enabling the Web of Entities: A Scalable and Sustainable Solution for Systematic and Global Identifier Reuse in Decentralised Information Environments. (Duration: January 2008 - July 2010)
     
    • Postdoctoral researcher.
    • Involved in developing a security architecture for dynamic access rights establishment based on attribute-based access control, a trust negotiation mechanism, and digital certificates (X.509 identity and attribute certificates). The trust negotiation mechanism is triggered automatically whenever a client node needs more access rights to use a service. We extended and improved iAccess service (Marie Curie fellowship results) to serve the project's system framework. The goal is to provide flexible and efficient access control enforcement in an open decentralised environment. Refer to publications [5,27].
    • iAccess v2 has been achieved with the support of Ernesto José Pérez García, a senior software engineer.
  • EU FP6 Marie Curie EIF iAccess - Interactive Access Control with Trust Management for Pervasive Autonomic Networks. (Duration: April 2007 - March 2009)
     
    • Postdoctoral researcher.
    • Involved in developing an access control model that leverages on demand service provisioning and resources utilisation in highly dynamic environments. Two research directions are addressed - an access control model for bilateral automated negotiation of access rights, and an access control model for dynamic coalition formations based on multilateral semantic interoperability of credentials (refer to publication [7]). The interactive access control solution is a continuation of the PhD results (refer to publications [11,12,34-41]), and is released as iAccess software. iAccess has been successfully integrated within a Grid monitoring system, leading to a new credential-based authorisation system for Grid (refer publication [8]).
    • Released iAccess software v1.1. It comes with already installed and configured certificates and security policies.
  • EU FP6 ONE - Open Negotiation Environment (September 2006 - June 2009)
     
    • Associated researcher.
    • Member of the project advisory board with a special focus on security and trust management.
    • Involved in the design of identity management, trust and reputation models scalable to the domain of digital ecosystems. Particularly, in the development of a peer-to-peer multidimensional trust model (refer to [29]), in the development of a decentralised identity management model (refer to [10,15,30,31]), and in the development of a rating agency interoperability model (refer to [28]). Joined ONE project advisory board in 2007. Contributed to SECURWARE-2008 conference by introducing a new research track - ECOSEC: ecosystem security and trust.
  • EU FP6 GST S-PAY - Global System for Telematics enabling On-line Safety Services / S-PAY: Service Payment Sub-Project (2004 - 2007)
     
    • Postdoctoral researcher (joined GST S-PAY subproject during November 2006 - March 2007).
  • EU FP5 WASP - Working Group on Answer Set Semantics (2002 - 2005)
     
    • Partially involved during doctorate study.