SubsidieMeestersMachine Learning for Offensive Computer Security
The Malfoy project explores the application of machine learning in offensive security to identify vulnerabilities and develop innovative defenses against evolving cyber threats.
Projectdetails
Introduction
Despite a long series of research, computer attacks still pose a major threat to the security of digital systems. Different malicious actors, such as cybercriminals and intelligence agencies, continuously develop new offensive techniques to evade and outsmart existing defenses. As a result, security research is in a constant arms race and needs to anticipate novel developments as early as possible.
Research Gap
However, one of the key technologies of the last years, machine learning, has received very little attention in offensive security so far. The simple question — "how would a hacker use machine learning?" — is largely unexplored and there is a striking gap in current research that hinders the anticipation of forthcoming threats.
Project Overview
The project Malfoy closes this gap and systematically explores how machine learning can be applied for offensive computer security. By adopting the position of an adversary, we investigate how learning algorithms can be used to:
- Find security flaws
- Generate exploits
- Construct computer attacks
To this end, we combine offensive security techniques with modern concepts for discriminative, generative, and reinforcement learning. Our goal is to assess how these techniques can interface with each other and improve their performance through learning.
Impact on Computer Security
Based on this analysis, we become able to devise completely novel defenses that account for the presence of machine learning in the toolchain of attackers. Despite its offensive nature, the project thus strengthens computer security:
- It explores an uncharted area of research and hence will substantially expand our knowledge about modern computer attacks.
- The project gives rise to novel and disruptive protection mechanisms, which enable us to move one step ahead of attack development.
- Finally, the project links two disconnected areas (offensive security and machine learning) and thereby establishes a new branch of joint research.
Financiële details & Tijdlijn
Financiële details
| Subsidiebedrag | € 1.962.000 |
| Totale projectbegroting | € 1.962.000 |
Tijdlijn
| Startdatum | 1-1-2023 |
| Einddatum | 31-12-2027 |
| Subsidiejaar | 2023 |
Partners & Locaties
Projectpartners
- TECHNISCHE UNIVERSITAT BERLINpenvoerder
- TECHNISCHE UNIVERSITAET BRAUNSCHWEIG
Land(en)
Vergelijkbare projecten binnen European Research Council
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Modern Challenges in Learning TheoryThis project aims to develop a new theory of generalization in machine learning that better models real-world tasks and addresses data efficiency and privacy challenges. | ERC Starting... | € 1.433.750 | 2022 | Details |
A Principled Plan to Prevent Transient Execution AttacksGhostbuster aims to automatically detect and mitigate advanced transient execution attacks by analyzing vulnerable code fragments and modeling attack conditions, enhancing security without crippling performance. | ERC Advanced... | € 2.499.995 | 2025 | Details |
Optimizing for Generalization in Machine LearningThis project aims to unravel the mystery of generalization in machine learning by developing novel optimization algorithms to enhance the reliability and applicability of ML in critical domains. | ERC Starting... | € 1.494.375 | 2023 | Details |
Uniting Statistical Testing and Machine Learning for Safe PredictionsThe project aims to enhance the interpretability and reliability of machine learning predictions by integrating statistical methods to establish robust error bounds and ensure safe deployment in real-world applications. | ERC Starting... | € 1.500.000 | 2024 | Details |
Reconciling Classical and Modern (Deep) Machine Learning for Real-World ApplicationsAPHELEIA aims to create robust, interpretable, and efficient machine learning models that require less data by integrating classical methods with modern deep learning, fostering interdisciplinary collaboration. | ERC Consolid... | € 1.999.375 | 2023 | Details |
Modern Challenges in Learning Theory
This project aims to develop a new theory of generalization in machine learning that better models real-world tasks and addresses data efficiency and privacy challenges.
A Principled Plan to Prevent Transient Execution Attacks
Ghostbuster aims to automatically detect and mitigate advanced transient execution attacks by analyzing vulnerable code fragments and modeling attack conditions, enhancing security without crippling performance.
Optimizing for Generalization in Machine Learning
This project aims to unravel the mystery of generalization in machine learning by developing novel optimization algorithms to enhance the reliability and applicability of ML in critical domains.
Uniting Statistical Testing and Machine Learning for Safe Predictions
The project aims to enhance the interpretability and reliability of machine learning predictions by integrating statistical methods to establish robust error bounds and ensure safe deployment in real-world applications.
Reconciling Classical and Modern (Deep) Machine Learning for Real-World Applications
APHELEIA aims to create robust, interpretable, and efficient machine learning models that require less data by integrating classical methods with modern deep learning, fostering interdisciplinary collaboration.
Vergelijkbare projecten uit andere regelingen
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Inzet van computational linguistics voor het vergaren van military intelligenceDit project onderzoekt de haalbaarheid van computational linguistics voor het vergaren van militaire inlichtingen ter verbetering van veiligheid. | Mkb-innovati... | € 20.000 | 2023 | Details |
AI Learning GameEen educatieve stealth/hacking game ontwikkelen die spelers bewust maakt van cybercrime en AI, terwijl ze leren samenwerken met een AI-getrainde co-op speler op hun eigen niveau. | Mkb-innovati... | € 20.000 | 2021 | Details |
Perpetual Sandbox AnalysisHet project ontwikkelt een geautomatiseerde technologie voor het snel monitoren van malware met incubatietijd, gericht op het verbeteren van de cybersecurity van financiële instellingen. | Mkb-innovati... | € 190.050 | 2017 | Details |
Inzet van computational linguistics voor het vergaren van military intelligenceHet project onderzoekt de haalbaarheid van computational linguistics voor het analyseren van data ter ondersteuning van militaire inlichtingen en besluitvorming in een veilige samenleving. | Mkb-innovati... | € 20.000 | 2023 | Details |
Sightlabs: Anomaly Based Clustering ToolSightlabs onderzoekt de haalbaarheid van een cyberbeveiligingstool op basis van Anomaly Based Clustering om geavanceerde interne netwerkindringers sneller te detecteren, met focus op de financiële sector. | Mkb-innovati... | € 20.000 | 2021 | Details |
Inzet van computational linguistics voor het vergaren van military intelligence
Dit project onderzoekt de haalbaarheid van computational linguistics voor het vergaren van militaire inlichtingen ter verbetering van veiligheid.
AI Learning Game
Een educatieve stealth/hacking game ontwikkelen die spelers bewust maakt van cybercrime en AI, terwijl ze leren samenwerken met een AI-getrainde co-op speler op hun eigen niveau.
Perpetual Sandbox Analysis
Het project ontwikkelt een geautomatiseerde technologie voor het snel monitoren van malware met incubatietijd, gericht op het verbeteren van de cybersecurity van financiële instellingen.
Inzet van computational linguistics voor het vergaren van military intelligence
Het project onderzoekt de haalbaarheid van computational linguistics voor het analyseren van data ter ondersteuning van militaire inlichtingen en besluitvorming in een veilige samenleving.
Sightlabs: Anomaly Based Clustering Tool
Sightlabs onderzoekt de haalbaarheid van een cyberbeveiligingstool op basis van Anomaly Based Clustering om geavanceerde interne netwerkindringers sneller te detecteren, met focus op de financiële sector.