Department of Informatics - Communication Systems Group

CyberForce

General Information

Reference:

Armasuisse S+T (CYD-C-2020003)

Source of funding:

Armasuisse

Project Duration:

1.02.2023 - 30.11.2023

Project Overview

The main objective of the CyberForce project is to research, design, and implement an intelligent, robust, and privacy-preserving cybersecurity framework providing measures that can be taken to protect resource-constrained devices and keep them secure from a range of emerging attacks. To achieve this goal, the following objectives are defined:

 

To advance the state of the art in intelligent malware-based threats, such as ransomware, cryptominers, and botnets, affecting a wide range of resource-constrained devices. To do so, novel methods based on Reinforcement Learning (RL) for the adaptability and optimization of cyberattacks will be investigated. To present an accurate picture of how adaptive malware may operate, a malware prototype that makes use of artificial intelligence methods will be designed, implemented, and validated.


To model and implement an optimization for the orchestration and deployment of mitigation techniques against malware affecting computing devices. The goal of the optimization is to derive the optimal mitigation policy considering both the impact of the attack and the impact on system usability. Finally, the fully automated orchestration system will be validated against real-world malware samples and the previously described adaptive malware.

To advance the state of the art in algorithms and systems quantifying the trustworthiness level of traditional Machine and Deep Learning (ML & DL) models, as well as more novel Federated Learning (FL) approaches. This objective focuses on exploring novel dimensions (apart from robustness, explainability, fairness, and accountability) such as data quality, client selection criteria, or federation management to provide trusted AI-based predictions.


To design, implement, and validate a novel adversarial attack module compromising the robustness of Decentralized Federated Learning (DFL) and develop a practical protection module to defend against these attacks. The fundamental goal here is to improve the security and robustness of DFL, which consists of three parts: (1) defining the threat model under DFL, (2) highlighting and exploiting vulnerabilities of DFL, and (3) designing and implementing mechanisms for mitigating attacks exploiting these vulnerabilities.


To enhance the accuracy and efficiency of detection and mitigation mechanisms by designing and implementing an intelligence system that relies on open-source data sources and techniques (i.e., OSINT) to make inferences based on relationships between malicious events, their characteristics (location, duration, scale, etc.) and potential attackers or organizations launching them. Thus, the system will exploit cyber-physical semantics to refine detection and mitigation processes.

Publications

Alberto Huertas Celdrán, Pedro M. Sánchez Sánchez, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, "CyberSpec: Intelligent Behavioral Fingerprinting to Detect Attacks on Crowdsensing Spectrum Sensors," IEEE Transactions on Dependable and Secure Computing, In press. (2022 JCR IF: 7.3, Q1).

Pedro M. Sánchez Sánchez, Alberto Huertas Celdrán, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, "SpecForce: A Framework to Secure IoT Spectrum Sensors in the Internet of Battlefield Things," IEEE Communications Magazine, In press. (2022 JCR IF: 11.2, Q1).

Pedro M. Sánchez Sánchez, Alberto Huertas Celdrán, Timo Schenk, Adrian L. B. Item, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, "Studying the Robustness of Anti-Adversarial Federated Learning Models Detecting Cyberattacks in IoT Spectrum Sensors," IEEE Transactions on Dependable and Secure Computing, In press. (2022 JCR IF: 7.3, Q1).

Alberto Huertas Celdrán, Pedro M. Sánchez Sánchez, Chao Feng, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, "Privacy-preserving and Syscall-based Intrusion Detection System for IoT Spectrum Sensors Affected by Data Falsification Attacks," IEEE Internet of Things Journal, vol. 10, no. 10, pp. 8408-8415, May 2023. (2022 JCR IF: 10.6, Q1).

Alberto Huertas Celdrán, Pedro M. Sánchez Sánchez, Miguel Azorín Castillo, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, "Intelligent and behavioral-based detection of malware in IoT spectrum sensors," International Journal of Information Security, vol. 22, pp. 541-561, April 2023. (2022 JCR IF: 3.2, Q2).

Alberto Huertas Celdrán, Pedro M. Sánchez Sánchez, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, "Fingerprinting to Detect Data Leakage Attacks on Spectrum Sensors," in ICC 2022: Proceedings of the IEEE International Conference on Communications, Seoul (South Korea), 16–20 May 2022.

Contact

Inquiries may be directed to the local Swiss project management:

Prof. Dr. Burkhard Stiller,

Dr. Alberto Huertas Celdrán 

University of Zürich, IFI
Binzmühlestrasse 14
CH-8050 Zürich
Switzerland

stiller@ifi.uzh.ch,

huertas@ifi.uzh.ch

Phone: +41 44 635 75 85

Fax: +41 44 635 68 09