Start date: 1st October 2023
End date: 1st October 2025
Funding agency: Italian Ministry of Research
In collaboration with:
- Politecnico di Torino, Italy
- University of Torino, Italy
Abstract
The current threat landscape, adversarial ecosystem, and expansion of the attack surface combine into an environment of staggering complexity where cyber threats affect the entire fabric of our interconnected world. Optimising for the known threats is not enough: we need to build resilient systems that quickly adapt to new types of complex attacks. Machine Learning and Artificial Intelligence (AI) algorithms enable new methodologies to extract knowledge and actionable intelligence from large service streams and networking device logs (TECHINT). ACRE will advance the state-of-the-art in cyber threat intelligence analysis, from data collection to causal hypotheses generation, to provide active defence against novel, as yet unknown, threats and to reinforce the resilience of cybersecurity active defence mechanisms in Italy and Europe.
Our aims are:
- to understand how to gather contextual evidence for supporting security analysts in their cyber threat situational understanding;
- to advance robust and trustworthy capabilities for cyber threat situational understanding;
- to assist security analysts in uncovering novel threats quickly.
The concrete objectives of ACRE are:
- to mature the representation of heterogeneous data collected by security sensors distributed across the network for identifying groups of attacks with similar patterns in order to understand how to gather contextual evidence for supporting security analysts in their cyber threat situational understanding;
- to investigate efficient uncertainty-aware causal learning and reasoning over large bandwidth data streams in order to advance robust and trustworthy capabilities for cyber threat situational understanding;
- to enable state-of-the-art security monitoring infrastructures to evolve autonomously for maximising data collection of unknown attack patterns to assist security analysts in uncovering novel threats quickly.
ACRE will advance the state-of-the-art in representation learning and reasoning over complex streams of TECHINT. It will also improve current active defence solutions by proposing the concept of autonomous defence, which employs both smart honeypots and reinforcement learning.