Proactive cyber risk platform developed to defend UK military systems
Computer scientists from the University of Southampton have collaborated with incident modelling solutions provider Riskaware to help defend UK military systems and networks from rapidly growing cyber threats.
The research partnership has produced CyberAware Predict, which takes a proactive approach to minimise risk and mitigate the impact of future cyber attacks.
Researchers from Southampton's Cyber Security Research Group have advanced the capability as part of a £1m innovation funding round from the UK's Defence and Security Accelerator (DASA).
Dr Leonardo Aniello, Southampton project lead, says: "In today's cyber threat landscape, attacks are becoming increasingly sophisticated and can develop over many consecutive stages, from reconnaissance to first intrusion, from privilege escalation to data exfiltration.
"CyberAware Predict aims to protect an IT defence infrastructure in a proactive way: by anticipating how and where cyber-attacks can target the infrastructure, and how they can evolve over time, the platform can help operators develop a more precise cyber risk awareness and take appropriate countermeasures in advance."
Southampton researchers shared expertise in cyber security and machine learning to enable the system to make predictions about the likely next steps of an evolving cyber attack against the monitored IT defence infrastructure.
Dr Aniello adds: "As UK defence assets become increasingly integrated with and reliant on the cyber space, the need arises to protect defence IT infrastructures from cyber attacks to ensure security and continuity of critical operations. In this context, the capability to predict cyber threats in advance is a key enabler and presents a competitive advantage. After land, sea, air and space, cyberspace has become the new battlefield."
Riskaware's CyberAware platform includes visual analytics that enable organisations to understand and communicate current cyber risk, given analysis of real network vulnerabilities through cyber attack prediction and simulation.
The aim is to help organisations identify how critical assets might be impacted by cyber attacks, and ultimately facilitate the design of cost-effective cyber security controls that reduce cyber risk to acceptable levels.
This new predictive capability relies on machine learning techniques that seamlessly integrates existing software tools and cyber threat intelligence (CTI) knowledge bases.