Authors: Marco Angelini / ENG
This work package is focused on the design and implementation of the cyber-defences toolset and methodology. In detail, the cyber-physical defence activities will be dedicated to research, design, and development for AI-based defence strategy. In particular, the work package aims to define defence strategies from both systems and humans point-of-view. Moreover, a key aspect is focused to improve the AI explainability since it is important for the human to be in the loop of an AI-based defence strategy giving a high understanding of the environment.
In T4.1, ENG will lead the work on “Improved response with autonomous AI detectors and defenders” and innovative tools will be released about detection of Social Engineering threats and especially on phishing attempts. Moreover, in order to understand the current situation, threats and risks, another component will be developed which aims at alerting and helping workers to recognize hazardous situations, make decisions, and take actions rapidly to prevent incidents.
In T4.2, VICOM will lead the work on “Decision Support System based response to incidents” where a Decision Support System (DSS) with reinforcement learning based system to suggest or apply the countermeasures in order to mitigate the effects of the detected cybersecurity or physical incident.
CERTH will lead T4.3 “Hybrid defence mechanisms with Human-in-the-loop”, with the aim at modelling human feedback in a hybrid defence mechanism. Explanations, such as extracted rules, will be generated for the different points where a decision is made based on human assessment and displayed to a user-understandable interface. Based on the explanations, users will be able to review and modify the training datasets and adjust the decision thresholds.
WP4 has started on September 2023 and will last till March 2025.