Most if not all military operations are highly dependent on ICT infrastructures and services. At the same time, adversary state and non-state actors are developing sophisticated offensive cyber capabilities that pose a serious and constant threat. In order to stay ahead in this technological arms race, significantly enhanced capabilities to defend military ICT against cyber threats are needed.
Techniques for incident management, detection and response based on Artificial Intelligence (AI) are particularly promising in this respect; sophisticated attacks call for detection and response in an automated fashion requiring defence tools that can learn and adapt to changes in the cyber environment – in other words, tools using AI. This is where the roject AInception comes into play.
AInception main aim is to develop novel AI-based tools and techniques for detection and response: from detecting adversarial behaviour from logs and network traffic; to understanding, contextualizing and explaining the detected threat; to generating risk and impact aware response action; all the way to automating the execution and evaluation of the response action on the underlying infrastructure. AI will play a central role for all these steps in the AInception tool pipeline. These tools will be combined into a proof-of-concept end to-end detection and response prototype, evaluated in operational scenarios with end users. Selected tools coming out of the project will be integrated in the cyber defence platform developed by the PANDORA project, as well as existing commercial products and services of the partners.
AInception will be implemented by a consortium of eighteen partners, including large industrial partners, midcaps, SMEs, RTOs and defence research institutes from nine European countries. The project is officially supported by seven Ministries of Defence, who will be engaged in the project by participating in its Advisory Board.