The Cyber Security Cooperative Research Centre (CSCRC) has announced a major research project between local cyber security company Penten and CSIRO’s Data61, the data and digital specialist arm of Australia’s national science agency, to extend the country’s sovereign advantage in autonomous and active defence.
Announced at CSIRO’s D61+ LIVE event in Sydney, the project will provide Penten with access to Data61’s AI research expertise. The research will focus on extending Penten’s work on applying AI to turn the tables on cyber attackers, using deception technology like ‘cyber traps’ and ‘decoys’, part of an emerging category of cyber security defence.
“This is a significant announcement for the Australian cyber research community,” Rachael Falk, CEO of CSCRC, said.
“The collaboration brings together one of Australia’s most innovative companies with our national science agency to collaborate on solving challenging problems in our field.
“Strong cyber security is critical for our economy and for Australia’s prosperity. We are excited by the opportunities this collaboration presents,” Falk said.
Penten, Data61 and CSCRC are looking to fill two Post-Doctoral Research Fellowship positions and is offering five PhD scholarships of up to $50,000 per annum to work on applying AI and machine learning to create deceptive and plausible computer systems and data.
“Unlike what you see on CSI, it is hard to detect intrusions and data theft,” Penten CEO Matthew Wilson said. “Not because traditional systems are incapable, but because criminals and people with malicious intent are always looking for new ways to hide their actions in the noise of everyday computer activity. Even when we do find something, traditional tools don’t often tell us ‘who’ or ‘why’.
“We have been exploring how to fight back against these attackers by interspersing decoy computers and data amongst real assets. Because they don’t have any real value, the decoys act as digital tripwires. We discover the attackers and learn more about them by capturing their actions, observing what they choose to interact with and placing homing beacons in the decoys,” Wilson said.
“Cyber traps work best if the content is realistic, enticing and does not interfere with legitimate users. Making these cyber traps by hand and optimising for these requirements is very time consuming for cyber defenders. Our solutions use artificial intelligence to learn the patterns of activity and content from surrounding computers and data,” Wilson continued. “We then use this information to create realistic and believable mimics.
“This means we can deliver suitable content extremely efficiently, tailored to a customer environment and with minimal effort on the part of the defender,” Wilson concluded.
Penten has been operating for four years and has grown to over 75 employees. The company have developed AI tools that generate and update decoy and trap documents, military radio communications, Wi-Fi access points and active network hosts.
Dr Surya Nepal, Senior Principal Research Scientist at CSIRO’s Data61 and Security Automation and Orchestration team leader at CSCRC said the partnership could help Australia create new technologies that can reach global scale.
“As cyber threats increase in volume and sophistication, AI and machine learning offer an opportunity to assist overwhelmed human defenders and speed up decision making and response. It also allows us to deliver more agile defences in a way that we were not able to before,” Dr Nepal said.