Project description
Protecting critical sectors from cyberattacks
Digitalisation has opened up new opportunities for critical sectors such as transport, energy, health and finance, which depend on digital technologies. But every opportunity also carries risks. In this case, those are cyberattacks and cybercrime. The EU is therefore working on several fronts to strengthen cyber-defence capability and the fight against cybercrime. In this context, the EU-funded OPTIMA project will develop techniques and tools for generating threat intelligence (data collected, processed and analysed to understand the motives and targets behind a threat) based on machine learning algorithms. The project will investigate how actionable threat intelligence can be prepared and shared without disclosing private information.
Objective
The OPTIMA project (Organization sPecific Threat Intelligence Mining and sharing) aims to design techniques and tools for extracting Threat Intelligence targeted to organizations using ML algorithms, and to share attack records effectively using privacy-preserving methods. The project will use technologies to protect societies from cyber-attacks and sophisticated threats prioritized in the European Council’s New Strategic Agenda. The key beneficiaries of the project are (a) security operation centers, to support real-time monitoring; (b) incident response, threat hunting and fraud detection teams, to prioritize risk; (c) operational leaders, to prioritize the activities of IT staff; and (d) strategic leaders such as Chief Information Security Officers, to make well-informed business decisions. This project will be executed at the University of Padua, under the supervision of Prof. Mauro Conti. The project will investigate solutions for the core questions:
RQ1: How effectively can ML algorithms extract organization-specific threat artefacts to be utilized for preparing actionable Threat Intelligence?
RQ2: How can organizations share threat intelligence without disclosing their private information to others?
The objectives (SO) of the project are as follows:
1. SO1: To develop techniques for automatic extraction of threat intelligence from OSINT data for diverse IT industries (health care, finance, IoT, education, etc.) using deep learning approaches.
2. SO2: To create a novel automated system to derive Indicators of Compromise (IOCs) based on word embedding and syntactic dependencies of words, in order to identify unseen IOCs. Using the extracted IOCs, a threat index will be estimated to define the impact of threats and attack trends across individual organizations.
3. SO3: To build a system integrating cryptographic tools and federated learning, which will enable an organization to anonymously share threat logs with different parties in a privacy-preserving manner.
Fields of science
- natural sciences > computer and information sciences > internet > internet of things
- engineering and technology > electrical engineering, electronic engineering, information engineering > electronic engineering > control systems
- natural sciences > computer and information sciences > artificial intelligence > machine learning > deep learning
Keywords
Programme(s)
- HORIZON.1.2 - Marie Skłodowska-Curie Actions (MSCA) Main Programme
Call for proposal
Funding scheme
HORIZON-TMA-MSCA-PF-EF - HORIZON TMA MSCA Postdoctoral Fellowships - European Fellowships
Coordinator
35122 Padova
Italy