About the project
CyberHunt aims at investigating and developing automated cyber-threat hunting technology based on AI and semantic modeling for predicting and detecting sophisticated adversarial attacks taking into consideration all phases of the cyber kill chain in a holistic fashion.
The CyberHunt projects develop highly innovative cybersecurity technologies that can sense, detect, analyze, disrupt and outmaneuver adversarial attacks in cyber-relevant time with the aim of radically strengthening defenses and resilience against cyberthreats targeted at critical infrastructures, including assets, systems, and networks, that are vital to the wellbeing of the population, the prosperity of the economy, and national security. The industry consensus is that standardization is a key enabler for automation and orchestration where functional blocks of different security solutions should no longer work in isolation, but interoperate effectively and efficiently in real time, allowing rapid and accurate decision making regarding cyber operations. Expected results of CyberHunt are:
- Automated threat hunting technology based on AI and semantic modeling for predicting and detecting sophisticated adversarial attacks taking into consideration all phases of the cyber kill chain holistically and not in isolation.
- Methods for cyberthreat information sharing based on computational trust and blockchain technologies.
- The first interoperable orchestration language for cyber operations with the purpose of enabling machine-to-machine communication in a coordinated manner where decision making can be part of an automated incident response.
- A knowledge base of geopolitical information sources. CyberHunt recognizes the importance of coupling geopolitical intelligence with cyberthreat intelligence for aiding the understanding of cyberwarfare patterns and reducing uncertainty in attack attribution.
The project is funded for 4 years by the IKTPLUSS program of the Research Council of Norway during 2020 - 2024.
The project is managed by Professor Audun Jøsang and Researcher Vasileios Mavroeidis at the Informatics Department at UiO. CyberHunt brings together complementary expertise from the partner institutions and will involve multiple PhDs, PostDocs, and Master's students.
Mavroeidis, Vasileios (2021). Towards automated threat-informed cyberspace defense. Universitetet i Oslo. ISSN 1501-7710.