Cybersecurity

Cybersecurity refers to the technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. In today’s digital world, cybersecurity is an essential element of protecting personal and business information, and it is increasingly important as more and more of people’s lives and operations move online. Some of the major challenges in the field of cybersecurity include the rise of sophisticated cyber attacks, the increasing use of artificial intelligence and machine learning, the growing complexity of the technology landscape, and the shortage of skilled professionals.

Cybersecurity is the act of protecting valuable assets from attacks that are initiated mainly through digital means. The main targets of cyberattacks are not limited to Information Technology (IT) assets, but also include Operational Technology (OT) as well as human assets. A successful attack can result in considerable costs in terms of resources and data as well as reputation damage for the organisation concerned.

In order to enhance the preparedness and cyber-resilience of targeted assets to the greatest extent possible, there is currently a variety of tools that may be utilized. Those include Intrusion Detection Systems (IDS), Intrusion Prevention System (IPS) and Cyber Threat Intelligence (CTI) tools.

M4D is focused on the development of AI-supported CTI tools for the identification, gathering, analysis, correlation, classification, enrichment and sharing. To this end, relevant data from multiple system-based (e.g., logs) and external sources (e.g., online content from the Surface & Dark Web) are being collected through the utilization of honeypots and custom made crawlers. Actionable CTI is extracted from the gathered data (e.g., through Named Entity Recognition and relation extraction using rule-based and machine learning-based techniques), correlated, and shared (e.g., through MISP), while it can also be further enriched through its association to relevant taxonomies.

M4D is also developing dynamic taxonomies through the aforementioned CTIs and based on existing taxonomies (e.g., from MISP). To this end, information extraction techniques such as Name Entity Recognition, BERTopic modeling, and pattern matching are employed to create the cyber threat related taxonomies and update the existing taxonomies. Finally, the new taxonomies are used to develop dynamic ontologies focused on cyber threats raising the awareness and enhancing the preparedness against cyber attacks.

Research activities also expand to the analysis of logs produced by Host Based Intrusion Detection systems to identify attack patterns using Association Rule Learning while using Federation Learning techniques M4D is researching how Collaborative Intrusion Detection Systems (CIDS) can enhance the detection accuracy of cyber attacks and their overall effectiveness.

AI-supported Cyber Threat Intelligence
Cyber Threat Dynamic Ontologies

PROJECTS

PUBLICATIONS

  1. A. Kougioumtzidou, A. Papoutsis, D. Kavallieros, T. Mavropoulos, T. Tsikrika, S. Vrochidis, and I. Kompatsiaris, "An End-to-End Framework for Cybersecurity Taxonomy and Ontology Generation and Updating," in 2024 IEEE International Conference on Cyber Security and Resilience, CSR 2024, London, UK, September 2-4, 2024, IEEE
  2. C. Iliou, T. Kostoulas, T. Tsikrika, V. Katos, S. Vrochidis, and I. Kompatsiaris, “Web Bot Detection Evasion Using Deep Reinforcement Learning”, In Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES 2022), ACM, 23-26 Aug, 2022, DOI:10.1145/3538969.3538994. OPEN ACCESS
  3. P. Panagiotou, N. Mengidis, T. Tsikrika, S. Vrochidis, and I. Kompatsiaris. "Host-based Intrusion Detection Using Signature-based and AI-driven Anomaly Detection Methods." Information & Security: An International Journal 50, no. 1 (2021): 37-48. OPEN ACCESS
  4. C. Iliou, T. Kostoulas, T. Tsikrika, V. Katos, S. Vrochidis, and I. Kompatsiaris, "Web Bot Detection Evasion Using Generative Adversarial Networks", In Proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience, IEEE, 26-28 July, 2021. DOI:10.1109/CSR51186.2021.9527915. OPEN ACCESS
  5. P. Evangelatos, C. Iliou, T. Mavropoulos, K. Apostolou, T. Tsikrika, S. Vrochidis and I. Kompatsiaris,"Named Entity Recognition in Cyber Threat Intelligence Using Transformer-based Models", in the proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience (IEEE CSR) – Workshops, Virtual Conference, July 26 (Mon) – 28 (Wed), 2021, pp. 348-353, DOI:10.1109/CSR51186.2021.9527981. OPEN ACCESS
  6. N. Oikonomou, N. Mengidis, M. Spanopoulos-Karalexidis, A. Voulgaridis, M. Merialdo, I. Raisr, K. Hanson, P. de La Vallee, T. Tsikrika, S. Vrochidis and K. Votis, "ECHO Federated Cyber Range: Towards Next-Generation Scalable Cyber Ranges", in the proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience (IEEE CSR) – Workshops, Virtual Conference, Virtual, July 26 - 28, 2021. OPEN ACCESS
  7. E.-C. Davri, E. Darra, I. Monogioudis, A. Grigoriadis, C. Iliou, N. Mengidis, T. Tsikrika, S. Vrochidis, A. Peratikou, H. Gibson, D. Haskovic, D. Kavallieros, E. Chaskos, P. Zhao, S. Shiaeles, N. Savage, B. Akhgar, X. Bellekens, and M. Amine Ben Farah, "Cyber security certification programmes", in the proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience (IEEE CSR) – Workshops, Virtual Conference, July 26 (Mon) – 28 (Wed), 2021, pp. 428-435, DOI:10.1109/CSR51186.2021.9527974.
  8. S. Andreadis, I. Gialampoukidis, A. Manconi, D. Cordeiro, V. Conde, M. Sagona, F. Brito, N. Pantelidis, T. Mavropoulos, N. Grosso, S. Vrochidis and I. Kompatsiaris, "Earthquakes: from Twitter detection to EO data processing", In the proceedings of the 5th International Conference on Dynamics of Disasters (DOD 2021), Virtual, 15-18 July 2021.
  9. I. Gialampoukidis, S. Andreadis, S. Vrochidis, and I. Kompatsiaris, "Multimodal data fusion of social media and satellite images for emergency response and decision-making", 2021 IEEE International Geoscience and Remote Sensing Symposium (IGARSS 2021), 11 July 2021, Online, pp. 228-231, IEEE. OPEN ACCESS
  10. C. Iliou, T. Kostoulas, T. Tsikrika, V. Katos, S. Vrochidis, I. Kompatsiaris. "Detection of advanced web bots by combining web logs with mouse behavioural biometrics". Digital Threats: Research and Practice (DTRAP), 2021, Volume 2, Issue 3, 3 September 2021, DOI:10.1145/3447815. OPEN ACCESS
  11. C. Iliou, T. Kostoulas, T. Tsikrika, V. Katos, S. Vrochidis, and Y. Kompatsiaris, "Towards a framework for detecting advanced Web bots", Iin Proceedings of the 14th International Conference on Availability, Reliability and Security, p. 18. ACM, 2019. OPEN ACCESS
  12. N. Mengidis, T. Tsikrika, S. Vrochidis, and I. Kompatsiaris. “Blockchain and AI for the Next Generation Energy Grids: Cybersecurity Challenges and Opportunities”. Information & Security: An International Journal 43, no. 1 (2019): 21-33, 15 January 2019. OPEN ACCESS