Upcoming training of European Law Enforcement Agencies on the SIMARGL Project

SIMARGL is a European research project financed by the European Commission through the Grant Agreement 833042. It aims to provide innovative new advanced solutions to fight complex malwares effectively, including information-hiding-capable threats such as stegomalwares.

Stegomalwares are a combination of information-hiding techniques like steganography, with a more common malware propagation method, used to distribute a malicious payload to attacked users. Based on recent reports, the use of this kind of attack to commit cyber-attacks or crimes is rapidly growing – and at the same time, there is still a lack of effective and universal countermeasures. 

imageThe SIMARGL project has decided to utilise well-proven existing products – and further strengthen them with innovative capabilities. During the project, SIMARGL partners will integrate them into a validated toolkit, offered to CERTs and Law Enforcement Agencies (LEA) to help improve their cyber security capabilities. 

One of the existing solutions used in SIMARGL is Airbus Orion Malware, which is an advanced file analysis system relying on different

Orion Mal

detection and analytics approaches:

  • Static analysis in order to detect malicious code hidden in the file content
  • Dynamic behaviour analysis of the suspicious file in a sandbox

Thanks to SIMARGL, this solution has been significantly improved to integrate detection of malicious files based on machine learning algorithms, script-based malware static de-obfuscation and counter-techniques of malware evasion on sandboxes. As a result, its detection capabilities have been increased and the solution has been updated to face new emerging threats. 

To further strengthen the LEA’s cyber security capabilities, the SIMARGL project is also developing a syllabus and pilot training for a series of modular training courses, including: cyber-attacks management, advances assurance and protection.

A first step, performed at the end of 2019, has been to invite EUROPOL, especially the European Cybercrime Centre (EC3) unit, as well as selected LEAs to participate in a targeted analysis of cyber skills gaps.

In order to develop training that plugs these gaps, 85 LEA members have been interviewed resulting in the definition of the following training plan:

Course TitleInstructorApproximate date
Introduction to Cyber ThreatsStichting CUIng Foundation (NL)Nov 20
Cyber Threats – Case Studies and ExercisesStichting CUIng Foundation (NL)Oct 21
Introduction to Cyber Attack ManagementFernUniversität in Hagen (DE)Oct 21
Introduction to Malware Analysis (3 Sessions)Airbus CyberSecurity (FR)Nov 21
Cyber Attack Simulation and Case Studies (3 Sessions)Airbus CyberSecurity (FR)Nov 21
Information Sharing, Analysis and CTIStichting CUIng Foundation (NL)Dec 21
StegomalwareFernUniversität in Hagen (DE)Dec 21
Hidden NetworksConsiglio Nazionale Delle Ricerche (IT)Jan 21
SIMARGL ToolkitRomanian Educational Network (RO)Feb 21

Airbus is leading the following two training sessions:

  • A practical introduction to Malware Analysis using Airbus Orion Malware
  • A session on Cyber Attack Simulation and Cases Studies, which will rely on Airbus CyberRange

These two training sessions will enable LEA to improve their cyber security knowledge while manipulating existing solutions already deployed by Airbus customers. 

If you are interested in learning more, please contact your Key Account Manager.

255px Flag of Europe.svg This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 833042.
Back to News & Blogs
Back to top