Intelligent threat detection & response
In today’s world, where people, devices and machines are increasingly connected to each other and to other systems, cyber threats are a growing concern for both small and large organisations. A cyber attack has the potential to bring organisations to a standstill, costing time and money and impacting negatively on trust and reputation. Protecting against known risks is no longer sufficient. Cyber security solutions need to be intelligent, identifying suspicious activity in ‘real-time’ and automatically taking action, without supervision, as and when required.
Cyber attacks are often enacted via malicious executable files. Being able to detect these files and understand their malicious intent requires the reverse engineering and extraction of programmed behaviour and activity. This is a time intensive process and often requires significant expertise and use of complex tools. Through Endeavr, Airbus is looking to work with academics, SMEs, industry and other partners on innovations to address the challenges and deliver commercial value.
Challenges & Opportunities
- How can we develop automated tools that are easier to use for non-experts?
- Is it possible to export malicious activity as a set of measurable features that can explain the intent of a file both qualitatively and quantitatively?
- How can we better visualise malicious intent?
- Is it possible to stretch this beyond malicious files to general malicious activity – for example, insider threats?