ObjectSecurity has been developing a number of Artificial Intelligence (AI) driven cybersecurity tools for numerous customers over the last couple of years. Using Machine Learning (ML) for cybersecurity is a highly hyped-up topic where “everybody’s doing it” (at least in “marketing terms”), but actual tangible solutions are scarce. In this blog post, we present a couple of our AI-driven cybersecurity project case studies and tools.

AI-based cyberattack detecton for wireless sensor networks

This video presents a customer case study where we are developing a machine learning based intrusion detection tool for detecting whether wireless sensor networks are under cyberattack or not. The particular use case for this case study are wireless networks for predictive maintenance or condition-based maintenance – to detect whether equipment needs to be maintained or repaired. But the technology can be used for many other wireless sensor networks as well, such as industrial control systems or internet of things.

In our use case, the sensor network’s gateway, which receives and processes the sensor traffic, analyzes the received sensor traffic on a continuous basis to determine the need for maintenance.

Our tool extends this gateway with an AI edge computing platform for deep learning. When first installed, our tool retrains its deep neural nets to the current sensor network. Thanks to the use of advanced deep learning techniques, our tool is able to adapt to particular sensor networks quickly – and determine no anomalies are occurring. You can see the predictions of an actual system in the graph. After that, when the sensor network – or the sensors – are cyberattacked, our deep learning-based tool firstly detects these anomalies – and secondly also tries to classify the kind of cyberattack that is happening. The attack is clearly visible in the predictions.

Our tool enables the customer to detect and respond to cyberattacks better and faster.

Intelligent, adaptive red team sequencing

This video presents a case study of two customer use cases where we developed a machine learning based cybersecurity “expert” that learns the best sequence of actions over time, using deep reinforcement learning (a sub field of deep learning).

We first developed an “AI hacker” prototype for cyber red team training environments. The patented “AI hacker” learns over time which sequences of actions work best against a particular defender – and is even able to characterize the defender.The goal was automation and cost-saving for cyber red team training

After that, we extended the technology to also learn the most likely successful sequences of actions of vulnerability assessors, esp. for embedded firmware.

Some of these features ended up being used in VAPTBOX, our vulnerability assessment and penetration tester portable device.

AI based vulnerabilities testing, penetration and analytics platform

ARAT is a complete vulnerabilities testing, penetration and data analytics platform full AI/ML support for anomaly and attack detection. ARAT was originally developed to meet our own requirements in vulnerabilities and penetration testing of individual (embedded) systems and complete, complex networks, and also for our work in hardware level and side channel attacks.

ARAT allows to stimulate systems in different ways. For example, ARAT controls, using rule-based or AI/ML-based orchestration, standard and self-developed exploration, vulnerabilities and penetration test penetration test tools, for network traffic and other interfaces, for example UART, CAN, I2C, field buses and so on. It collects response information, e.g. from network tapping (PCAP), interfaces and physical sensors like Digital Storage Oscilloscopes (DSO) or Software Define Radios (SDR). It especially supports an FPGA/SoC based integrated, high performance stimulation and observation device for Side Channel Analysis, which we developed inhouse at ObjectSecurity. Finally, ARAT supports result analytics-based rules, statistics, AI/ML and visual analytics.

The main advantage of ARAT is its high agility over the entire simulation, observation and analytics cycle. It fully integrates automation with interactive visual analytics. It is based on ObjectSecurity’s patented “Differential Stimulus” ML cybersecurity approach.

ARAT has a wide range of features to support vulnerabilities testing, penetration and analytics:

  • Vulnerability testing, penetration, analytics
  • Full integration of stimulation, data acquisition & analytics
  • Stimulation
  • Data acquisition

Need cyber AI tools & experts? Talk to us today.