
Cyber Security Analytics and Automation

Overview

By the year 2021, cybercrime losses will cost upwards of $6 trillion annually. According to the Capgemini report, 42% of companies had seen a rise in security incidents. Two out of three organizations are ready to pay top dollar to strengthen cybersecurity with Artificial Intelligence. Cognitive security combines the strengths of artificial intelligence and human intelligence. AI technologies like machine learning and natural language processing enable analysts to respond to threats with greater confidence and speed. AI-driven systems can use natural language processing to collect information automatically by combing through articles, news, and studies on cyber threats. This information can give insight into anomalies, cyber-attacks, and prevention strategies.

Within the area of AI for cybersecurity, CREST researchers apply AI techniques such as machine learning, deep learning and natural language processing to the automated analysis of security data such as log files, threat intelligence reports and security tool documentation, and to tasks such as phishing detection, data theft detection and so on. The aim is to design, develop and deploy AI-based automation in security to minimize and assist human effort. As the potential of AI is being explored to boost cyber security, it is also being used by hackers. Hence, the vision is to come up with solutions that mix traditional methods with AI, using automated analysis of security data and documentation to stay on top of cyber security strategy.

Topic Areas

Mining Open-source Repositories for Predictive Security Analytics

The focus of CREST researchers is to utilize data available in open-source repositories to develop high-performing and robust AI-enabled prediction models that automate the timely detection, characterization, and fix prioritization of vulnerabilities. We also study developers' security discussions on open-source repositories (e.g., GitHub) and/or Q&A websites (e.g., Stack Overflow and Security StackExchange) to understand current security challenges and risks and to suggest how researchers, educators and practitioners can best leverage and contribute to the development of more secure software.

Real-time Big Data Analytics

CREST researchers leverage state-of-the-art techniques (e.g., AI and search-based optimization) to design, implement, deploy, and evaluate big data systems for optimally collecting, storing, analyzing, and visualizing a large volume of data in real time. CREST research particularly focuses on the evaluation of big data storage solutions (e.g., Cassandra and MongoDB) and big data analytical solutions (e.g., Spark and Flink) as deployed on private, public, and hybrid clouds. The application domains of our research on real-time big data analytics include, but are not limited to, cyber security, oil and gas, and healthcare.

Cyber Common Operating Pictures (CCOP)

The goal of this research is to build and rigorously evaluate novel approaches, metrics, and technological infrastructure for providing a highly configurable platform for CCOP that will enhance Cyber Situational Awareness in an organisation and allow it to redefine how it manages cyber security.