AI4Cyber

Intrusion Detection Incident Response

Cyber threats are probably the most rapidly evolving threats today. New attacks and techniques are developed every day by large state-sponsored groups. Moreover, due to the tight interconnection of systems over the Internet, adversaries can manifest threats from anywhere in the World. Adversaries of today have resources and time, and can invoke damaging attacks with ease. At the same time, we are each day more dependent on our networks, data and computer systems to achieve our missions. Protecting these is thus of paramount importance. State of the art COTS solutions are not sufficient. To mitigate these threats, new detection and protection systems must be developed, that go beyond the state of the art.

This project plans to study and compare the latest advances in Artificial Intelligence (AI) techniques, and apply them to implement or enhance the protection of BEL Defence cyber assets.

The envisioned algorithms of interest will include: 

• deep machine learning;
• multi-heuristic aggregation operators;
• explainable AI;
• adversarial training for deep machine learning.

And the possible applications include:

• the detection of Advanced Persistent Threats (APT) in a military network;
• the detection of server webshells;
• the detection of compromised IoT devices;
• the detection of digital identity theft (SS7 messages anomaly detection).