Threat and anomaly detection play crucial roles in safeguarding systems and networks from potential risks and are essential components of a robust cybersecurity strategy. Threat detection involves identifying and recognising potential cyber threats such as malware, hacking attempts, or other malicious activities that can compromise the security and integrity of computer systems, networks, or data. Anomaly detection, on the other hand, focuses on discovering abnormal or unusual patterns in data that deviate significantly from the expected behaviour.
Areas of application include:
- Smart industry: Industrial Control Systems are the target of cyberattacks and are subject to anomalies due to hardware/software failures and concept drift
- Smart cities: Smart cities, smart homes, connected vehicles, health care devices/applications, etc., are all common targets of cyberattacks and are subject to anomalies due to hardware/software failures
Our focus:
- Dependable AI-driven threat and anomaly detection focussing on the following challenges:
  - trade-off between resource-efficient and accurate detection of threats and anomalies
  - robustness to open-world challenges such as adversarial machine learning attacks and concept drift
- Enhanced Federated Learning for higher accuracy, lower resource overhead and enhanced data confidentiality
Selected Tools
- FLAD: Adaptive Federated Learning for DDoS Attack Detection [documentation]
- LUCID: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection [documentation]
Selected Publications
- Roberto Doriguzzi Corin, Luis Augusto Dias Knob, Luca Mendozzi, Domenico Siracusa, Marco Savi
  Introducing packet-level analysis in programmable data planes to advance Network Intrusion Detection
  In: Computer Networks (DOI)
- Roberto Doriguzzi Corin, Domenico Siracusa
  FLAD: Adaptive Federated Learning for DDoS Attack Detection
  In: Computers & Security (DOI)
- Maged Abdelaty, Roberto Doriguzzi Corin, Domenico Siracusa
  DAICS: A Deep Learning Solution for Anomaly Detection in Industrial Control Systems
  In: IEEE Transactions on Emerging Topics in Computing (DOI)
- Roberto Doriguzzi Corin, Stuart Millar, Sandra Scott-Hayward, Jesus Martinez-Del-Rincón, Domenico Siracusa
  LUCID: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection
  In: IEEE Transactions on Network and Service Management (DOI)