
Department of Informatics - Communication Systems Group

CyberMind

General Information

Reference:

Armasuisse S+T (CYD-C-2020003)

Source of funding:

Armasuisse

Project Duration:

01.02.2024 - 30.11.2024

Project Overview

The main objective of the CyberMind project is to research, design, and implement cybersecurity frameworks that provide a range of measures to protect AI-based systems and models and keep them secure against emerging attacks. To achieve this goal, the following objectives are defined:

  • To advance the state of the art in adversarial attacks that compromise the robustness and privacy of Decentralized Federated Learning (DFL). This will be achieved by a thorough analysis of existing techniques and methodologies used for adversarial attacks on DFL frameworks. Novel poisoning and inference attacks on DFL will be developed, implemented, and evaluated by identifying and exploiting vulnerabilities in DFL, so that the defenses below can be tested against them.
  • To enhance the resilience of DFL systems to cyberattacks by designing and implementing a multilayer defense framework that leverages novel cybersecurity mechanisms. This requires a comprehensive threat analysis covering the entire lifecycle of a DFL system. Security threats will be identified at the data, network, and model layers. To mitigate these vulnerabilities, defensive strategies such as Moving Target Defense (MTD) will be designed and implemented to counter cyberattacks targeting DFL systems across these layers.
  • To increase the trustworthiness of ML/DL/FL models by designing and implementing a framework that computes the reputation of participants training FL models and assesses the quality of the datasets used to train ML/DL models. This will be achieved by an exhaustive analysis of existing techniques for reputation systems in distributed and AI-based scenarios. In addition, an analysis of prior work on data quality assessment will be essential for later proposing, designing, implementing, and validating novel solutions that improve the trustworthiness of AI.

Publications

Pre-prints

  • Jan von der Assen, Sandrin Raphael Hunkeler, Alberto Huertas Celdrán, Enrique Tomás Martínez Beltrán, Gérôme Bovet, Burkhard Stiller: Reputation System based on Distributed Ledger to Secure Decentralized Federated Learning
  • Jan von der Assen, Jamo Sharif, Chao Feng, Gérôme Bovet, Burkhard Stiller: Asset-driven Threat Modeling for AI-based Systems, arXiv e-prints (2024): arXiv:2403, June 2024
  • Jan von der Assen, Chao Feng, Alberto Huertas Celdrán, Róbert Oleš, Gérôme Bovet, Burkhard Stiller: GuardFS: a File System for Integrated Detection and Mitigation of Linux-based Ransomware, Available at SSRN, February 2024
  • Chao Feng, Alberto Huertas Celdrán, Pedro Miguel Sánchez Sánchez, Jan Kreischer, Jan von der Assen, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller: CyberForce: A Federated Reinforcement Learning Framework for Malware Mitigation, arXiv e-prints (2023): arXiv-2307
  • Chao Feng, Hongjie Guan, Alberto Huertas Celdrán, Jan von der Assen, Gérôme Bovet, Burkhard Stiller: FedEP: Tailoring Attention to Heterogeneous Data Distribution with Entropy Pooling for Decentralized Federated Learning, arXiv e-prints (2024): arXiv:2410.07678
  • Alberto Huertas Celdrán, Chao Feng, Pedro Miguel Sánchez Sánchez, Lynn Zumtaugwald, Gérôme Bovet, Burkhard Stiller: Assessing the Sustainability and Trustworthiness of Federated Learning Models, arXiv preprint arXiv:2310.20435 (2023)
  • Jan von der Assen, Alberto Huertas Celdrán, Rinor Sefa, Gérôme Bovet, Burkhard Stiller: MTFS: a Moving Target Defense-Enabled File System for Malware Mitigation, arXiv e-prints (2023): arXiv-2306

Accepted Papers

  • [Full Paper] Jan von der Assen, Jamo Sharif, Chao Feng, Gérôme Bovet, Burkhard Stiller: Asset-driven Threat Modeling for AI-based Systems, London, England, 2024 (To appear)
  • [Full Paper] Chao Feng, Alberto Huertas Celdrán, Zien Zeng, Zi Ye, Jan von der Assen, Gérôme Bovet, Burkhard Stiller: Leveraging MTD to Mitigate Poisoning Attacks in Decentralized FL with Non-IID Data, 2024 IEEE International Conference on Big Data (IEEE BigData 2024), Washington DC, USA, December 2024, pp. 1-10 (To appear)
  • [Journal] Alberto Huertas Celdrán, Pedro Miguel Sánchez Sánchez, Jan von der Assen, Timo Schenk, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller: RL and Fingerprinting to Select Moving Target Defense Mechanisms for Zero-day Attacks in IoT, IEEE Transactions on Information Forensics and Security
  • [Short Paper] Jan von der Assen, Alberto Huertas Celdrán, Rinor Sefa, Gérôme Bovet, Burkhard Stiller: MTFS: a Moving Target Defense-Enabled File System for Malware Mitigation, 2024 IEEE 49th Conference on Local Computer Networks (LCN), Caen, France, 2024 (To appear)
  • [Full Paper] Chao Feng, Jan von der Assen, Alberto Huertas Celdrán, Raffael Mogicato, Adrian Zermin, Vichhay Ok, Gérôme Bovet, Burkhard Stiller: A Lightweight Data Mining Platform for Dynamic and Reproducible Malware Analysis, 2024 11th Swiss Conference on Data Science (SDS), Zürich, Switzerland, May 2024, pp. 1-6 (To appear)
  • [Full Paper] Alberto Huertas Celdrán, Jan von der Assen, Chao Feng, Sandro Padovan, Gérôme Bovet, Burkhard Stiller: Next Generation of AI-based Ransomware, 2024 IEEE Global Communications Conference: Communication & Information Systems Security, Cape Town, South Africa, December 2024 (To appear)

Published Papers

  • [Journal] Alberto Huertas Celdrán, Pedro Miguel Sánchez Sánchez, Jan von der Assen, Dennis Shushack, Ángel Luis Perales Gómez, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller: Behavioral fingerprinting to detect ransomware in resource-constrained devices, Computers & Security, Vol. 135, 2023
  • [Full Paper] Jan von der Assen, Alberto Huertas Celdrán, Janik Luechinger, Pedro Miguel Sánchez Sánchez, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller: RansomAI: AI-powered Ransomware for Stealthy Encryption, 2023 IEEE Global Communications Conference, Kuala Lumpur, Malaysia, December 2023, pp. 1-6
  • [Journal] Chao Feng, Alberto Huertas Celdrán, Jan von der Assen, Enrique Tomás Martínez Beltrán, Gérôme Bovet, Burkhard Stiller: DART: A Solution for Decentralized Federated Learning Model Robustness Analysis, Elsevier Array, July 2024
  • [Full Paper] Chao Feng, Alberto Huertas Celdrán, Michael Vuong, Gérôme Bovet, Burkhard Stiller: Voyager: MTD-Based Aggregation Protocol for Mitigating Poisoning Attacks on DFL, 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS), Seoul, South Korea, May 2024, pp. 1-8
  • [Full Paper] Chao Feng, Alberto Huertas Celdrán, Janosch Baltensperger, Enrique Tomás Martínez Beltrán, Gérôme Bovet, Burkhard Stiller: Sentinel: An Aggregation Function to Secure Decentralized Federated Learning, European Conference on Artificial Intelligence (ECAI), Santiago de Compostela, Spain, October 2024

DEMO

  • ThreatFinderAI: In this demonstration, ThreatFinderAI is used to model threats and identify countermeasures. In addition, residual risks are discussed on the basis of business impact analysis and quantification. In the simplified scenario, a hypothetical company assesses the architecture of a digital customer care platform that relies on Large Language Models (LLMs) and Retrieval Augmented Generation (RAG).

Contact

Inquiries may be directed to the local Swiss project management:

Prof. Dr. Burkhard Stiller
Dr. Alberto Huertas Celdrán
University of Zürich, IFI
Binzmühlestrasse 14
CH-8050 Zürich
Switzerland

stiller@ifi.uzh.ch
huertas@ifi.uzh.ch
Phone: +41 44 635 75 85
Fax: +41 44 635 68 09