Department of Informatics - Communication Systems Group


General Information


Source of funding: Armasuisse S+T (CYD-C-2020003)

Project Duration: 1.02.2023 - 30.11.2023

Project Overview

The main objective of the CyberForce project is to research, design, and implement an intelligent, robust, and privacy-preserving cybersecurity framework providing measures that can be taken to protect resource-constrained devices and keep them secure from a range of emerging attacks. To achieve this goal, the following objectives are defined:


To advance the state of the art in intelligent malware-based threats, such as ransomware, cryptominers, and botnets, affecting a wide range of resource-constrained devices. To do so, novel methods based on Reinforcement Learning (RL) for the adaptability and optimization of cyberattacks will be investigated. Thus, to present an accurate picture of how adaptive malware may operate, a malware prototype that makes use of artificial intelligence methods will be designed, implemented, and validated.

To model and implement an optimization for the orchestration and deployment of mitigation techniques that are capable of mitigating malware affecting computing devices. The goal of the optimization is to derive the optimal mitigation policy considering the impact of the attack and the impact on the system usability. Finally, the fully automated orchestration system will be validated against real-world malware samples and the previously described adaptive malware.

To advance the state of the art in algorithms and systems quantifying the trustworthiness level of traditional Machine and Deep Learning Models (ML & DL), as well as more novel Federated Learning (FL) approaches. This objective focuses on exploring novel dimensions (apart from robustness, explainability, fairness, and accountability) such as data quality, client selection criteria, or federation management to provide trusted AI-based predictions.

To design, implement, and validate a novel adversarial attack module compromising the robustness of Decentralized Federated Learning (DFL) and develop a practical protection module to defend against these attacks. The fundamental goal here is to improve the security and robustness of DFL, which consists of three parts: (1) defining the threat model under DFL, (2) highlighting and exploiting vulnerabilities of DFL, and (3) designing and implementing mechanisms for mitigating attacks exploiting these vulnerabilities.

To enhance the accuracy and efficiency of detection and mitigation mechanisms by designing and implementing an intelligence system that relies on open-source data sources and techniques (i.e., OSINT) to make inferences based on relationships between malicious events, their characteristics (location, duration, scale, etc.) and potential attackers or organizations launching them. Thus, the system will exploit cyber-physical semantics to refine detection and mitigation processes.



Inquiries may be directed to the local Swiss project management:

Prof. Dr. Burkhard Stiller,

Dr. Alberto Huertas Celdrán 

University of Zürich, IFI
Binzmühlestrasse 14
CH-8050 Zürich

Phone: +41 44 635 75 85

Fax: +41 44 635 68 09