Security through Obscurity — GenAI-based Defensive Cybersecurity
| Type | Status | Published | Supervisors | |
| BA/MA/MP/IS | Assigned | 8 April 2025 |
Andy Aidoo Nasim Nezhadsistani |
aidoo@ifi.uzh.ch nezhadsistani@ifi.uzh.ch |
Robert Mueller, former Director of the FBI, famously stated: "There are only two types of companies: those that have been hacked and those that will be." This quote reflects the asymmetry in cybersecurity, where a defender must be correct 100% of the time, while an adversary only has to get lucky once. Consequently, protecting the ever-growing amount of (sensitive) data from cyber threats is challenging and of paramount importance.
By integrating generative AI to produce synthetic datasets, we can effectively obfuscate real, sensitive information, rendering it useless to adversaries (even after a data breach) while maintaining the functionality of the database. The primary goals of this research are:
- Research and analyze data obfuscation techniques
- Design and implementation of a synthetic data generation model
- Design and implement a secure and scalable database schema
Suggested Reading:
Obfuscation Techniques In Cloud Computing: A Systematic Survey.
Generating synthetic data with differentially private LLM inference
A Survey of Synthetic Data Generation for Machine Learning
Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing
Prerequisites
None