Projects / Programmes
Exposure of modern information and communication infrastructures to cyber attacks
| Code |
Science |
Field |
Subfield |
| 2.08.00 |
Engineering sciences and technologies |
Telecommunications |
|
| Code |
Science |
Field |
| 2.02 |
Engineering and Technology |
Electrical engineering, Electronic engineering, Information engineering |
Cybersecurity, honeypots, cyber attack tracking, data mining, machine learning, artificial intelligence, attacker profiling
Researchers (8)
Organisations (1)
Abstract
BACKGROUND The rapid development of modern technology enabled the digital transformation of both the economy and society. This results in increased productivity and process efficiency, easier communication, faster information retrieval, and easier and more reliable decision-making based on machine learning. At the same time, the digital transformation has led to the rapid increase in the amount of cyber threats. By connecting our physical environments to the Internet and storing our most valuable data in external cloud systems, we are preparing an ideal terrain for attackers. The tools, techniques, and knowledge that were useful for attacking Internet-connected computers are now also useful for attacking critical infrastructures, on which our lives increasingly depend.PROBLEM DEFINITION The protection of information and communication systems is anything but trivial. The reasons can be found in an interplay of human, technological, economic and legal factors. On the one hand, the development of bug-free software and hardware is an extremely complex task; on the other hand, there are still many production systems not designed with security in mind. Technological security vulnerabilities are compounded by human and psychological factors such as poor password hygiene, irregular software updates, and the removal of security measures. Modern trends show that cyber attacks are becoming a lucrative business. However, the given starting points and the listed factors show that the impact of these attacks will only increase with further digitalization, and will have potentially catastrophic consequences for all critical systems. In this project, we want to identify attackers and provide insight into their techniques at three types of exposed targets: web systems, the Internet of Things, and cloud computing infrastructures. To this end, we will establish a distributed system of cyber traps that will allow us to monitor the activities and strategies of attackers. PROJECT OBJECTIVES The aim of the project is to investigate the exposure of modern information and communication infrastructures to cyber risks and to give recommendations for measures to reduce these risks in systems integration and digital transformation projects. Additionally, the purpose of the project is to research existing and develop and prototype new technologies and algorithms, with the help of which it is possible to study different types of cyber attacks and create profiles of both attackers and tools. The area of research will be web and cloud services with associated infrastructure, as well as the abuse of ambient intelligence and intrusions into networks and devices of the Internet of Things. PROJECT STRUCTURE In accordance with the objectives, the project will be divided into 4 work packages (WP), which will be divided into a total of 10 activities: WP 1: Specification of system requirements and architecture WP 2: Establishment of a data collection environment WP 3: Analysis of collected data WP 4: Dissemination CONTENT, METHODOLOGY AND PROGRAM OF WORK WP 1 will address the elicitation and specification of requirements. In lockstep with the requirements engineering, we will perform a classification of services and use both as input data in the design of the system architecture. WP 2 will establish the environment to collect the data needed to study the exposure of modern critical infrastructures to cyber attackers. The development will take place in iterative phases, where the result of data collection activities will inform the improvements of the system to achieve greater persuasiveness and additional metrics covered. WP 3 will analyze the obtained data and focus on attacker profiling. The data will be used as input to algorithms for statistical analysis, data mining, and supervised and unsupervised machine learning. The activities of WP 4 are intended for reporting and disseminating the results of the project to the professional and scientific public.
