Visible to the public Biblio

Filters: Keyword is Europe  [Clear All Filters]
2021-03-29
Feng, G., Zhang, C., Si, Y., Lang, L..  2020.  An Encryption and Decryption Algorithm Based on Random Dynamic Hash and Bits Scrambling. 2020 International Conference on Communications, Information System and Computer Engineering (CISCE). :317–320.
This paper proposes a stream cipher algorithm. Its main principle is conducting the binary random dynamic hash with the help of key. At the same time of calculating the hash mapping address of plaintext, change the value of plaintext through bits scrambling, and then map it to the ciphertext space. This encryption method has strong randomness, and the design of hash functions and bits scrambling is flexible and diverse, which can constitute a set of encryption and decryption methods. After testing, the code evenness of the ciphertext obtained using this method is higher than that of the traditional method under some extreme conditions..
2021-03-16
Fiebig, T..  2020.  How to stop crashing more than twice: A Clean-Slate Governance Approach to IT Security. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :67—74.

"Moving fast, and breaking things", instead of "being safe and secure", is the credo of the IT industry. However, if we look at the wide societal impact of IT security incidents in the past years, it seems like it is no longer sustainable. Just like in the case of Equifax, people simply forget updates, just like in the case of Maersk, companies do not use sufficient network segmentation. Security certification does not seem to help with this issue. After all, Equifax was IS027001 compliant.In this paper, we take a look at how we handle and (do not) learn from security incidents in IT security. We do this by comparing IT security incidents to early and later aviation safety. We find interesting parallels to early aviation safety, and outline the governance levers that could make the world of IT more secure, which were already successful in making flying the most secure way of transportation.

2021-03-15
Bresch, C., Lysecky, R., Hély, D..  2020.  BackFlow: Backward Edge Control Flow Enforcement for Low End ARM Microcontrollers. 2020 Design, Automation Test in Europe Conference Exhibition (DATE). :1606–1609.
This paper presents BackFlow, a compiler-based toolchain that enforces indirect backward edge control flow integrity for low-end ARM Cortex-M microprocessors. BackFlow is implemented within the Clang/LLVM compiler and supports the ARM instruction set and its subset Thumb. The control flow integrity generated by the compiler relies on a bitmap, where each set bit indicates a valid pointer destination. The efficiency of the framework is benchmarked using an STM32 NUCLEO F446RE microcontroller. The obtained results show that the control flow integrity solution incurs an execution time overhead ranging from 1.5 to 4.5%.
2021-03-04
Carrozzo, G., Siddiqui, M. S., Betzler, A., Bonnet, J., Perez, G. M., Ramos, A., Subramanya, T..  2020.  AI-driven Zero-touch Operations, Security and Trust in Multi-operator 5G Networks: a Conceptual Architecture. 2020 European Conference on Networks and Communications (EuCNC). :254—258.
The 5G network solutions currently standardised and deployed do not yet enable the full potential of pervasive networking and computing envisioned in 5G initial visions: network services and slices with different QoS profiles do not span multiple operators; security, trust and automation is limited. The evolution of 5G towards a truly production-level stage needs to heavily rely on automated end-to-end network operations, use of distributed Artificial Intelligence (AI) for cognitive network orchestration and management and minimal manual interventions (zero-touch automation). All these elements are key to implement highly pervasive network infrastructures. Moreover, Distributed Ledger Technologies (DLT) can be adopted to implement distributed security and trust through Smart Contracts among multiple non-trusted parties. In this paper, we propose an initial concept of a zero-touch security and trust architecture for ubiquitous computing and connectivity in 5G networks. Our architecture aims at cross-domain security & trust orchestration mechanisms by coupling DLTs with AI-driven operations and service lifecycle automation in multi-tenant and multi-stakeholder environments. Three representative use cases are identified through which we will validate the work which will be validated in the test facilities at 5GBarcelona and 5TONIC/Madrid.
2020-10-12
Luma, Artan, Abazi, Blerton, Aliu, Azir.  2019.  An approach to Privacy on Recommended Systems. 2019 3rd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT). :1–5.
Recommended systems are very popular nowadays. They are used online to help a user get the desired product quickly. Recommended Systems are found on almost every website, especially big companies such as Facebook, eBay, Amazon, NetFlix, and others. In specific cases, these systems help the user find a book, movie, article, product of his or her preference, and are also used on social networks to meet friends who share similar interests in different fields. These companies use referral systems because they bring amazing benefits in a very fast time. To generate more accurate recommendations, recommended systems are based on the user's personal information, eg: different ratings, history observation, personal profiles, etc. Use of these systems is very necessary but the way this information is received, and the privacy of this information is almost constantly ignored. Many users are unaware of how their information is received and how it is used. This paper will discuss how recommended systems work in different online companies and how safe they are to use without compromising their privacy. Given the widespread use of these systems, an important issue has arisen regarding user privacy and security. Collecting personal information from recommended systems increases the risk of unwanted exposure to that information. As a result of this paper, the reader will be aware of the functioning of Recommended systems, the way they receive and use their information, and will also discuss privacy protection techniques against Recommended systems.
2020-10-05
Rafati, Jacob, DeGuchy, Omar, Marcia, Roummel F..  2018.  Trust-Region Minimization Algorithm for Training Responses (TRMinATR): The Rise of Machine Learning Techniques. 2018 26th European Signal Processing Conference (EUSIPCO). :2015—2019.

Deep learning is a highly effective machine learning technique for large-scale problems. The optimization of nonconvex functions in deep learning literature is typically restricted to the class of first-order algorithms. These methods rely on gradient information because of the computational complexity associated with the second derivative Hessian matrix inversion and the memory storage required in large scale data problems. The reward for using second derivative information is that the methods can result in improved convergence properties for problems typically found in a non-convex setting such as saddle points and local minima. In this paper we introduce TRMinATR - an algorithm based on the limited memory BFGS quasi-Newton method using trust region - as an alternative to gradient descent methods. TRMinATR bridges the disparity between first order methods and second order methods by continuing to use gradient information to calculate Hessian approximations. We provide empirical results on the classification task of the MNIST dataset and show robust convergence with preferred generalization characteristics.

2020-09-21
Vasile, Mario, Groza, Bogdan.  2019.  DeMetrA - Decentralized Metering with user Anonymity and layered privacy on Blockchain. 2019 23rd International Conference on System Theory, Control and Computing (ICSTCC). :560–565.
Wear and tear are essential in establishing the market value of an asset. From shutter counters on DSLRs to odometers inside cars, specific counters, that encode the degree of wear, exist on most products. But malicious modification of the information that they report was always a concern. Our work explores a solution to this problem by using the blockchain technology, a layered encoding of product attributes and identity-based cryptography. Merging such technologies is essential since blockchains facilitate the construction of a distributed database that is resilient to adversarial modifications, while identity-based signatures set room for a more convenient way to check the correctness of the reported values based on the name of the product and pseudonym of the owner alone. Nonetheless, we reinforce security by using ownership cards deployed around NFC tokens. Since odometer fraud is still a major practical concern, we discuss a practical scenario centered on vehicles, but the framework can be easily extended to many other assets.
2020-08-28
McFadden, Danny, Lennon, Ruth, O’Raw, John.  2019.  AIS Transmission Data Quality: Identification of Attack Vectors. 2019 International Symposium ELMAR. :187—190.

Due to safety concerns and legislation implemented by various governments, the maritime sector adopted Automatic Identification System (AIS). Whilst governments and state agencies have an increasing reliance on AIS data, the underlying technology can be found to be fundamentally insecure. This study identifies and describes a number of potential attack vectors and suggests conceptual countermeasures to mitigate such attacks. With interception by Navy and Coast Guard as well as marine navigation and obstacle avoidance, the vulnerabilities within AIS call into question the multiple deployed overlapping AIS networks, and what the future holds for the protocol.

2020-08-24
Raghavan, Pradheepan, Gayar, Neamat El.  2019.  Fraud Detection using Machine Learning and Deep Learning. 2019 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE). :334–339.
Frauds are known to be dynamic and have no patterns, hence they are not easy to identify. Fraudsters use recent technological advancements to their advantage. They somehow bypass security checks, leading to the loss of millions of dollars. Analyzing and detecting unusual activities using data mining techniques is one way of tracing fraudulent transactions. transactions. This paper aims to benchmark multiple machine learning methods such as k-nearest neighbor (KNN), random forest and support vector machines (SVM), while the deep learning methods such as autoencoders, convolutional neural networks (CNN), restricted boltzmann machine (RBM) and deep belief networks (DBN). The datasets which will be used are the European (EU) Australian and German dataset. The Area Under the ROC Curve (AUC), Matthews Correlation Coefficient (MCC) and Cost of failure are the 3-evaluation metrics that would be used.
2020-07-16
Rudolph, Hendryk, Lan, Tian, Strehl, Konrad, He, Qinwei, Lan, Yuanliang.  2019.  Simulating the Efficiency of Thermoelectrical Generators for Sensor Nodes. 2019 4th IEEE Workshop on the Electronic Grid (eGRID). :1—6.

In order to be more environmentally friendly, a lot of parts and aspects of life become electrified to reduce the usage of fossil fuels. This can be seen in the increased number of electrical vehicles in everyday life. This of course only makes a positive impact on the environment, if the electricity is produced environmentally friendly and comes from renewable sources. But when the green electrical power is produced, it still needs to be transported to where it's needed, which is not necessarily near the production site. In China, one of the ways to do this transport is to use High Voltage Direct Current (HVDC) technology. This of course means, that the current has to be converted to DC before being transported to the end user. That implies that the converter stations are of great importance for the grid security. Therefore, a precise monitoring of the stations is necessary. Ideally, this could be accomplished with wireless sensor nodes with an autarkic energy supply. A role in this energy supply could be played by a thermoelectrical generator (TEG). But to assess the power generated in the specific environment, a simulation would be highly desirable, to evaluate the power gained from the temperature difference in the converter station. This paper proposes a method to simulate the generated power by combining a model for the generator with a Computational Fluid Dynamics (CFD) model converter.

2020-07-06
Mikhalevich, I. F., Trapeznikov, V. A..  2019.  Critical Infrastructure Security: Alignment of Views. 2019 Systems of Signals Generating and Processing in the Field of on Board Communications. :1–5.
Critical infrastructures of all countries unites common cyberspace. In this space, there are many threats that can disrupt the security of critical infrastructure in one country, but also cause damage in other countries. This is a reality that makes it necessary to agree on intergovernmental national views on the composition of critical infrastructures, an assessment of their security and protection. The article presents an overview of views on critical infrastructures of the United States, the European Union, the United Kingdom, and the Russian Federation, the purpose of which is to develop common positions.
2020-06-26
Puccetti, Armand.  2019.  The European H2020 project VESSEDIA (Verification Engineering of Safety and SEcurity critical Dynamic Industrial Applications). 2019 22nd Euromicro Conference on Digital System Design (DSD). :588—591.

This paper presents an overview of the H2020 project VESSEDIA [9] aimed at verifying the security and safety of modern connected systems also called IoT. The originality relies in using Formal Methods inherited from high-criticality applications domains to analyze the source code at different levels of intensity, to gather possible faults and weaknesses. The analysis methods are mostly exhaustive an guarantee that, after analysis, the source code of the application is error-free. This paper is structured as follows: after an introductory section 1 giving some factual data, section 2 presents the aims and the problems addressed; section 3 describes the project's use-cases and section 4 describes the proposed approach for solving these problems and the results achieved until now; finally, section 5 discusses some remaining future work.

2020-06-15
Puteaux, Pauline, Puech, William.  2018.  Noisy Encrypted Image Correction based on Shannon Entropy Measurement in Pixel Blocks of Very Small Size. 2018 26th European Signal Processing Conference (EUSIPCO). :161–165.
Many techniques have been presented to protect image content confidentiality. The owner of an image encrypts it using a key and transmits the encrypted image across a network. If the recipient is authorized to access the original content of the image, he can reconstruct it losslessly. However, if during the transmission the encrypted image is noised, some parts of the image can not be deciphered. In order to localize and correct these errors, we propose an approach based on the local Shannon entropy measurement. We first analyze this measure as a function of the block-size. We provide then a full description of our blind error localization and removal process. Experimental results show that the proposed approach, based on local entropy, can be used in practice to correct noisy encrypted images, even with blocks of very small size.
2020-06-01
Vural, Serdar, Minerva, Roberto, Carella, Giuseppe A., Medhat, Ahmed M., Tomasini, Lorenzo, Pizzimenti, Simone, Riemer, Bjoern, Stravato, Umberto.  2018.  Performance Measurements of Network Service Deployment on a Federated and Orchestrated Virtualisation Platform for 5G Experimentation. 2018 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN). :1–6.
The EU SoftFIRE project has built an experimentation platform for NFV and SDN experiments, tailored for testing and evaluating 5G network applications and solutions. The platform is a fully orchestrated virtualisation testbed consisting of multiple component testbeds across Europe. Users of the platform can deploy their virtualisation experiments via the platform's Middleware. This paper introduces the SoftFIRE testbed and its Middleware, and presents a set of KPI results for evaluation of experiment deployment performance.
2020-04-24
Bellec, Q., le Claire, J.C., Benkhoris, M.F., Coulibaly, P..  2019.  Investigation of time delay effects on the current in a power converter regulated by Phase-Shift Self-Oscillating Current Controller. 2019 21st European Conference on Power Electronics and Applications (EPE '19 ECCE Europe). :P.1–P.10.

This paper deals with effects of current sensor bandwidth and time delays in a system controlled by a Phase-Shift Self-Oscillating Current Controller (PSSOCC). The robustness of this current controller has been proved in former works showing its good performances in a large range of applications including AC/DC and DC/AC converters, power factor correction, active filters, isolation amplifiers and motor control. As switching frequencies can be upper than 30kHz, time delays and bandwidth limitations cannot be neglected in comparison with former works on this robust current controller. Thus, several models are proposed in this paper to analyze system behaviours. Those models permit to find analytical expressions binding maximum oscillation frequency with time delay and/or additional filter parameters. Through current spectrums analysis, quality of analytical expressions is proved for each model presented in this work. An experimental approach shows that every element of the electronic board having a low-pass effect or delaying command signals need to be included in the model in order to have a perfect match between calculations, simulations and practical results.

2020-02-26
Vlachokostas, Alex, Prousalidis, John, Spathis, Dimosthenis, Nikitas, Mike, Kourmpelis, Theo, Dallas, Stefanos, Soghomonian, Zareh, Georgiou, Vassilis.  2019.  Ship-to-Grid Integration: Environmental Mitigation and Critical Infrastructure Resilience. 2019 IEEE Electric Ship Technologies Symposium (ESTS). :542–547.

The United States and European Union have an increasing number of projects that are engaging end-use devices for improved grid capabilities. Areas such as building-to-grid and vehicle-to-grid are simple examples of these advanced capabilities. In this paper, we present an innovative concept study for a ship-to-grid integration. The goal of this study is to simulate a two-way power flow between ship(s) and the grid with GridLAB-D for the port of Kyllini in Greece, where a ship-to-shore interconnection was recently implemented. Extending this further, we explore: (a) the ability of ships to meet their load demand needs, while at berth, by being supplied with energy from the electric grid and thus powering off their diesel engines; and (b) the ability of ships to provide power to critical loads onshore. As a result, the ship-to-grid integration helps (a) mitigate environmental pollutants from the ships' diesel engines and (b) provide resilience to nearby communities during a power disruption due to natural disasters or man-made threats.

Nowak, Mateusz, Nowak, Sławomir, Domańska, Joanna.  2019.  Cognitive Routing for Improvement of IoT Security. 2019 IEEE International Conference on Fog Computing (ICFC). :41–46.

Internet of Things is nowadays growing faster than ever before. Operators are planning or already creating dedicated networks for this type of devices. There is a need to create dedicated solutions for this type of network, especially solutions related to information security. In this article we present a mechanism of security-aware routing, which takes into account the evaluation of trust in devices and packet flows. We use trust relationships between flows and network nodes to create secure SDN paths, not ignoring also QoS and energy criteria. The system uses SDN infrastructure, enriched with Cognitive Packet Networks (CPN) mechanisms. Routing decisions are made by Random Neural Networks, trained with data fetched with Cognitive Packets. The proposed network architecture, implementing the security-by-design concept, was designed and is being implemented within the SerIoT project to demonstrate secure networks for the Internet of Things (IoT).

2020-02-17
Thomopoulos, Stelios C. A..  2019.  Maritime Situational Awareness Forensics Tools for a Common Information Sharing Environment (CISE). 2019 4th International Conference on Smart and Sustainable Technologies (SpliTech). :1–5.
CISE stands for Common Information Sharing Environment and refers to an architecture and set of protocols, procedures and services for the exchange of data and information across Maritime Authorities of EU (European Union) Member States (MS's). In the context of enabling the implementation and adoption of CISE by different MS's, EU has funded a number of projects that enable the development of subsystems and adaptors intended to allow MS's to connect and make use of CISE. In this context, the Integrated Systems Laboratory (ISL) has led the development of the corresponding Hellenic and Cypriot CISE by developing a Control, Command & Information (C2I) system that unifies all partial maritime surveillance systems into one National Situational Picture Management (NSPM) system, and adaptors that allow the interconnection of the corresponding national legacy systems to CISE and the exchange of data, information and requests between the two MS's. Furthermore, a set of forensics tools that allow geospatial & time filtering and detection of anomalies, risk incidents, fake MMSIs, suspicious speed changes, collision paths, and gaps in AIS (Automatic Identification System), have been developed by combining motion models, AI, deep learning and fusion algorithms using data from different databases through CISE. This paper briefly discusses these developments within the EU CISE-2020, Hellenic CISE and CY-CISE projects and the benefits from the sharing of maritime data across CISE for both maritime surveillance and security. The prospect of using CISE for the creation of a considerably rich database that could be used for forensics analysis and detection of suspicious maritime traffic and maritime surveillance is discussed.
Aranha, Helder, Masi, Massimiliano, Pavleska, Tanja, Sellitto, Giovanni Paolo.  2019.  Enabling Security-by-Design in Smart Grids: An Architecture-Based Approach. 2019 15th European Dependable Computing Conference (EDCC). :177–179.

Energy Distribution Grids are considered critical infrastructure, hence the Distribution System Operators (DSOs) have developed sophisticated engineering practices to improve their resilience. Over the last years, due to the "Smart Grid" evolution, this infrastructure has become a distributed system where prosumers (the consumers who produce and share surplus energy through the grid) can plug in distributed energy resources (DERs) and manage a bi-directional flow of data and power enabled by an advanced IT and control infrastructure. This introduces new challenges, as the prosumers possess neither the skills nor the knowledge to assess the risk or secure the environment from cyber-threats. We propose a simple and usable approach based on the Reference Model of Information Assurance & Security (RMIAS), to support the prosumers in the selection of cybesecurity measures. The purpose is to reduce the risk of being directly targeted and to establish collective responsibility among prosumers as grid gatekeepers. The framework moves from a simple risk analysis based on security goals to providing guidelines for the users for adoption of adequate security countermeasures. One of the greatest advantages of the approach is that it does not constrain the user to a specific threat model.

2019-02-08
Cao, R., Wong, T. F., Gao, H., Wang, D., Lu, Y..  2018.  Blind Channel Direction Separation Against Pilot Spoofing Attack in Massive MIMO System. 2018 26th European Signal Processing Conference (EUSIPCO). :2559-2563.

This paper considers a pilot spoofing attack scenario in a massive MIMO system. A malicious user tries to disturb the channel estimation process by sending interference symbols to the base-station (BS) via the uplink. Another legitimate user counters by sending random symbols. The BS does not possess any partial channel state information (CSI) and distribution of symbols sent by malicious user a priori. For such scenario, this paper aims to separate the channel directions from the legitimate and malicious users to the BS, respectively. A blind channel separation algorithm based on estimating the characteristic function of the distribution of the signal space vector is proposed. Simulation results show that the proposed algorithm provides good channel separation performance in a typical massive MIMO system.

2018-07-18
Terai, A., Abe, S., Kojima, S., Takano, Y., Koshijima, I..  2017.  Cyber-Attack Detection for Industrial Control System Monitoring with Support Vector Machine Based on Communication Profile. 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :132–138.

Industrial control systems (ICS) used in industrial plants are vulnerable to cyber-attacks that can cause fatal damage to the plants. Intrusion detection systems (IDSs) monitor ICS network traffic and detect suspicious activities. However, many IDSs overlook sophisticated cyber-attacks because it is hard to make a complete database of cyber-attacks and distinguish operational anomalies when compared to an established baseline. In this paper, a discriminant model between normal and anomalous packets was constructed with a support vector machine (SVM) based on an ICS communication profile, which represents only packet intervals and length, and an IDS with the applied model is proposed. Furthermore, the proposed IDS was evaluated using penetration tests on our cyber security test bed. Although the IDS was constructed by the limited features (intervals and length) of packets, the IDS successfully detected cyber-attacks by monitoring the rate of predicted attacking packets.

2018-06-11
Crabtree, A., Lodge, T., Colley, J., Greenghalgh, C., Mortier, R..  2017.  Accountable Internet of Things? Outline of the IoT databox model 2017 IEEE 18th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM). :1–6.

This paper outlines the IoT Databox model as a means of making the Internet of Things (IoT) accountable to individuals. Accountability is a key to building consumer trust and mandated in data protection legislation. We briefly outline the `external' data subject accountability requirement specified in actual legislation in Europe and proposed legislation in the US, and how meeting requirement this turns on surfacing the invisible actions and interactions of connected devices and the social arrangements in which they are embedded. The IoT Databox model is proposed as an in principle means of enabling accountability and providing individuals with the mechanisms needed to build trust in the IoT.

2018-05-24
Dey, A. K., Gel, Y. R., Poor, H. V..  2017.  Motif-Based Analysis of Power Grid Robustness under Attacks. 2017 IEEE Global Conference on Signal and Information Processing (GlobalSIP). :1015–1019.

Network motifs are often called the building blocks of networks. Analysis of motifs is found to be an indispensable tool for understanding local network structure, in contrast to measures based on node degree distribution and its functions that primarily address a global network topology. As a result, networks that are similar in terms of global topological properties may differ noticeably at a local level. In the context of power grids, this phenomenon of the impact of local structure has been recently documented in fragility analysis and power system classification. At the same time, most studies of power system networks still tend to focus on global topo-logical measures of power grids, often failing to unveil hidden mechanisms behind vulnerability of real power systems and their dynamic response to malfunctions. In this paper a pilot study of motif-based analysis of power grid robustness under various types of intentional attacks is presented, with the goal of shedding light on local dynamics and vulnerability of power systems.

2018-02-15
Miller, A., Bentov, I..  2017.  Zero-Collateral Lotteries in Bitcoin and Ethereum. 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :4–13.

We present cryptocurrency-based lottery protocols that do not require any collateral from the players. Previous protocols for this task required a security deposit that is O(N2) times larger than the bet amount, where N is the number of players. Our protocols are based on a tournament bracket construction, and require only O(logN) rounds. Our lottery protocols thus represent a significant improvement, both because they allow players with little money to participate, and because of the time value of money. The Ethereum-based implementation of our lottery is highly efficient. The Bitcoin implementation requires an O(2N) off-chain setup phase, which demonstrates that the expressive power of the scripting language can have important implications. We also describe a minimal modification to the Bitcoin protocol that would eliminate the exponential blowup.

2018-02-06
Settanni, G., Shovgenya, Y., Skopik, F., Graf, R., Wurzenberger, M., Fiedler, R..  2017.  Acquiring Cyber Threat Intelligence through Security Information Correlation. 2017 3rd IEEE International Conference on Cybernetics (CYBCONF). :1–7.

Cyber Physical Systems (CPS) operating in modern critical infrastructures (CIs) are increasingly being targeted by highly sophisticated cyber attacks. Threat actors have quickly learned of the value and potential impact of targeting CPS, and numerous tailored multi-stage cyber-physical attack campaigns, such as Advanced Persistent Threats (APTs), have been perpetrated in the last years. They aim at stealthily compromising systems' operations and cause severe impact on daily business operations such as shutdowns, equipment damage, reputation damage, financial loss, intellectual property theft, and health and safety risks. Protecting CIs against such threats has become as crucial as complicated. Novel distributed detection and reaction methodologies are necessary to effectively uncover these attacks, and timely mitigate their effects. Correlating large amounts of data, collected from a multitude of relevant sources, is fundamental for Security Operation Centers (SOCs) to establish cyber situational awareness, and allow to promptly adopt suitable countermeasures in case of attacks. In our previous work we introduced three methods for security information correlation. In this paper we define metrics and benchmarks to evaluate these correlation methods, we assess their accuracy, and we compare their performance. We finally demonstrate how the presented techniques, implemented within our cyber threat intelligence analysis engine called CAESAIR, can be applied to support incident handling tasks performed by SOCs.