skip to main content

Advanced Breach and Attack Simulation using ML

Project

Project Details

Program
Computer Science
Field of Study
Cybersecurity, Machine Learning, Deep Learning, Penetration testing
Division
Computer, Electrical and Mathematical Sciences and Engineering
Center Affiliation
Resilient Computing and Cybersecurity Center

Project Description

Cybersecurity is becoming a need more than ever. Organizations need to protect their digital assets and are required to earn certifications to prove the compliance to the regulations and rules. For this, these assets must be assessed to ensure the target security posture and to get certified or pass an audit on yearly basis. This is a daunting and costly task as it often requires a third-party tester that tries to penetrate the system, under agreement. Breach and Attack Simulation is a new method that allows to do this penetration testing in-house, using some automation tools. Some of these tools can be using scripts of known attack vectors, and running them in sequence. This, however, does not cover unknown zero-day attacks. An intelligent way would be to try to account for potential attack that are unknown. We envision that using some Machine Learning techniques trained on some types of vulnerabilities can make this automation smarter.

About the Researcher

Paulo Esteves-Verissimo
Professor, Computer Science
Computer, Electrical and Mathematical Science and Engineering Division

Affiliations

Education Profile

  • Ph.D., Electrical and Computer Engineering, University of Lisbon (PT), 1990
  • MSc, Electrical and Computer Engineering, University of Lisbon IST (PT), 1984
  • Lic., Electrical Engineering, University of Lisbon IST (PT), 1978

Research Interests

Professor Esteves-VerA­ssimo is currently interested in architectures, middleware and algorithms for resilient modular and distributed computing. It is increasingly believed that Resilient Computing will become the main paradigm for achieving secure and dependable operation of computer systems and networks in a near future, improving classic Cybersecurity techniques. This is due to important intrinsic characteristics of this B.o.K., such as: common approach to accidental and malicious faults/attacks; incremental and adaptive protection against polymorphic threat surfaces; elasticity, plasticity and sustainability. To this end, he investigates such paradigms and techniques reconciling security and dependability, as well as novel ways to apply them in order to achieve system resilience, in areas like: autonomous vehicles from earth to space; distributed control systems; digital health and genomics; SDN-based infrastructures; or blockchain and cryptocurrencies. His research is published in over 200 peer-refereed international publications and 5 international books. He was invited as well to present it in more than 70 keynote speeches or distinguished lectures at reputed venues. Esteves-VerA­ssimo also has a solid systems and engineering track record, having contributed to the design and engineering of several advanced industrial prototypes of distributed, fault-tolerant, secure or real-time systems, emerging from R&D projects he took part in.

Selected Publications

  • Jiangshan Yu, David Kozhaya, JA©rA©mie Decouchant, Paulo Esteves-VerA­ssimo. RepuCoin: Your Reputation is Your Power (2019). In IEEE Trans. on Computers, 68(8), 1225-1237.
  • Kreutz, Diego; Ramos, F. M. V.; Verissimo, Paulo; Rothenberg, C. E.; Azodolmolky, S.; Uhlig, S. ""Software-Defined Networking: A Comprehensive Survey"", in Proceedings of the IEEE (2015), 103(1), 14-76.
  • Giuliana Veronese, Miguel Correia, Alysson Bessani, Lau Lung, Paulo Verissimo, ""Efficient Byzantine Fault-Tolerance"", IEEE Tacs. on Computers, vol. 62, no. 1, Jan. 2013.
  • Paulo Sousa, Alysson Bessani, Miguel Correia, Nuno Ferreira Neves, Paulo VerA­ssimo. Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery. IEEE Tacs. on Parallel and Distributed Systems. Apr. 2010.
  • VerA­ssimo, P., Casimiro, A.: The timely computing base model and architecture. IEEE Tacs. on Computers, Special Issue on Asynchronous Real-Time Distr. Systems (2002).
  • D. Powell, D. Seaton, G. Bonn, P. VerA­ssimo, and F. Waeselynk. The Delta-4 approach to dependability in open distributed computing systems. In N. Suri, C. Walter, and M. Hugue, editors, Adv. in Ultra-Dependable Distr. Sys. IEEE Computer Society, 1995.

Desired Project Deliverables

The goal of this project is to experiment the use of Deep Learning or Generative Adversarial Networks as a tool to optimize the Breach and Attack Simulation. The intern will make use off-the-shelf tools that follow the same method for the detection of critical faults, e.g., memory overflows, and extend it for more security vulnerabilities (e.g., network). The objectives of the project are to understand the feasibility of ML model in optimizing BAS tools and publish the results as a paper or commercialize the project.

Recommended Student Background

Cybersecurity
Deep Learning
Generative Adversarial Networks
Threat modeling and Penetration testing

We are shaping the
World of Research

Be part of the journey with VSRP

Find a Project
3-6 months
Internship period
100+
Research Projects
3.5/4
Cumulative GPA
310
Interns a Year