CyberSpec

General Information

Reference:

Armasuisse S+T (CYD-C-2020003)

Source of funding:

Armasuisse

Project Duration:

1.02.2021 - 30.11.2021

Project Overview

The main objective of the CyberSpec project is to research, design, and implement an intelligent and automatic framework providing secure and trusted resource-constrained sensors used in crowdsensing platforms. 

 

To achieve this goal, the following objectives are defined:

To create a so far fully unknown and non-existing labeled dataset, which supports the modeling of the internal behavior of Raspberry Pis affected by real, recent, and dangerous malware, which possibly can affect general Linux-based systems: The dataset will be used to model how malware samples, belonging to different types of families, affect different dimensions and metrics of the Raspberry Pis. These metrics may include parameters such as Hardware Performance Counter (HPC), system calls (Syscalls), and resource usage (e.g., CPU, Memory, or Network).


To design, implement, and initially validate an AI-based anomaly detection module being able to detect those anomalies produced by these malware samples stated above: Thus, a classification of these according to their behavior is foreseen to be determined, enabling a measurably better selection of countermeasures. Different supervised and unsupervised AI-based techniques will be used.


To research on trust: A trust algorithm to provide a measurable trust level of AI-based detection module predictions achieved. The suitability of heterogeneous dimensions, such as (1) prediction confidence scores, (2) methodology followed, (3) data used to train and evaluate models, and (4) algorithms selected, will be analyzed and determined to provide a viable basis for a possible design of such the trust algorithm.

Publications

  • Alberto Huertas, Pedro Sánchez, Muriel Franco, Bruno Rodrigues, Gérôme Bovet, Gregorio Martínez, Burkhard Stiller: Intelligent Behavioral Fingerprinting - From Theory to Practice; 17th International Conference on Network and Service Management (CNSM 2021), Izmir, Turkey, Virtually, Izmir, Turkey, October 2021. 

 

  • Pedro Miguel Sánchez Sánchez, Alberto Huertas Celdrán, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller: Secure Crowdsensing Platforms Through Device Behavior Fingerprinting; 2021 Spanish Cybersecurity Research Conference (JNIC 2021), "VI Jornadas Nacionales de Investigación en Ciberseguridad", Ciudad Real, Spain, June 2021, pp 1–4.

Contact

Inquiries may be directed to the local Swiss project management:

Prof. Dr. Burkhard Stiller,

Dr. Alberto Huertas Celdrán 

University of Zürich, IFI
Binzmühlestrasse 14
CH-8050 Zürich
Switzerland

stiller@ifi.uzh.ch,

huertas@ifi.uzh.ch

Phone: +41 44 635 75 85

Fax: +41 44 635 68 09