Machine Learning, Robust Optimisation, and Verification: Creating Synergistic Capabilities in Cybersecurity Research

Lead Research Organisation: Imperial College London
Department Name: Dept of Computing

Abstract

The need for better support to deal with the threats of cybersecurity is undisputed. Organisations are faced with an ever growing number of malware and integrated malware attack tools, attempted attacks on infrastructure and services, an increasing number of insider attacks, and advanced persistent threats for high-priced assets. Dealing with such threats requires that organisations have ICT staff that is at least familiar with cybersecurity issues and preferably has actual skills in cybersecurity regardless of the role of such staff. Likewise, management and decision makers need to be aware of cybersecurity issues and reflect these in their actions. Large organisations often have a Chief Information Security Officer (CISO) who deals with the operational and strategic issues of cybersecurity for his or her organisation. But SMEs typically cannot afford a role with such oversight on cybersecurity, which makes them especially vulnerable.

The scale and diversity of cybersecurity issues that an organisation faces means it cannot possibly consider each single vulnerability of its systems against each credible or potential adversary whose presence would turn a vulnerability into an actual threat. A CISO or decision maker, though, needs to have a fairly abstract view of all this complexity where the choice of abstraction is not driven by technical aspects but by modalities such as risk, compliance, availability of service, and strategy. This view often has to take into account the cybersecurity of external or partner organisations, which is problematic as organisations are reluctant to share such sensitive information. Therefore, a CISO or decision maker needs a representation of relevant internal or external systems and services that allows him or her to make decisions of either operational or strategic nature.

The uncertainty expressed in such abstractions is typically probabilistic or strict in nature. For example, a bank may have a good idea of the probability that a given teller machine has a corrupted external interface that clones inserted bank cards, based on past history, location of the machine and so forth. Strict uncertainty often relates to threats for which no (or insufficient) historical information is available to estimate probability distributions, or it is used to express the combinatorial nature of a problem, for example the different orderings in which one may schedule critical tasks.

This project brings together research leaders in machine learning, robust optimisation, verification and cybersecurity to explore new modelling and analysis capabilities for needs in cybersecurity. The project will investigate new approaches for modelling and optimisation by which cybersecurity of systems, processes, and infrastructures can be more robustly assessed, monitored, and controlled in the face of stochastic and strict uncertainty. Particular attention will be paid to privacy: new forms of privacy-preserving data analytics will be created and approaches to decision support that respect privacy considerations; for corporate confidentiality, we will invent foundations that enable different organisations to model and analyse cross-organisational cybersecurity aspects whilst respecting the type of privacy inherent in organisations' confidential information by establishing appropriate information barriers.

Planned Impact

Each project site will host a workshop. These workshops will be open to any interested parties, but we will also send out targeted invitations to PIs and co-Is of other projects of this call, people from industry and governmental agencies, and other academics at all career stages (including PhD students). The aim of these workshops is to promote the objectives of the project, to disseminate project outcomes, to encourage external researchers (including PhD students) to share problems and collaborate with us, and to engage industrial problem owners.

We believe it is vital to create tool prototypes to increase impact of our foundational research. We therefore have an increased staff density in the final 12-16 months of the project to ensure that we can create powerful and convincing tool demonstrators.

Our research outputs will be made available in open-access form. This applies to research papers, software, research data (unless the latter is confidential due to its origin) or other project artefacts. We plan to use tools such as Zenodo (https://zenodo.org) to host such data and software with supporting DOIs.

We feel that this work is quite important and relevant to the concerns of the general public. Security and especially privacy of individual data is on most people's mind. Therefore, we aim to engage with the media to communicate to a general audience the research problems that we are addressing as well as our research outputs. We will choose such venues in a flexible and opportunistic manner. Let us mention the Imperial College London Festival, Science Events at the Darwin Centre in London, events hosted by the BBC, radio interviews with UK and Singapore stations, and also media outlets in the wider EU.

We broaden academic impact through further activities. We mean to develop course material (lecture notes, exercises, software) that other academics can use to teach material at the junction of machine learning, cybersecurity, privacy, and verification. Furthermore, we plan to write overviews of the research problems and our solutions addressed to a general scientific audience - aiming at appropriate venues such as the Communications of the ACM but also targeting venues beyond Computing, for example the New Scientist.

We plan to schedule a Hackathon around the second workshop. Here, we mean to provide a somewhat more sophisticated
gamification of the learning material developed for outreach to schools, to engage students (undergraduates, postgraduates or PhD students) and early career researchers with these research issues in the hope of attracting them to these research topics.

Both PIs and the co-I will explore during this project how research outcomes can be leveraged to generate research proposals for more applied or impact oriented research. We also plan to propose a seminar at the Leibniz-Centre for Informatics that would happen around the end of this project. These meetings gather international research leaders and decision makers in academia, industry, and to some degree from government to explore a research challenge. We would use this event in part to promote our research findings but also to form new collaborations and networks, and to provide stimulus for creating new or better research solutions.

To foster more longterm impact in academia, we will propose a workshop satellite event for a large security conference, for example for the ACM Computer and Communications Security conference series. We would expect this event to be repeated annually to provide a forum for exchange of research ideas and outputs at the junction of areas at which this proposal is situated.
 
Description We have developed techniques that allow us to model and analyze the application of secure multi-party computation in practice. These applications use cryptographic protocols to ensure that parties can submit their private and sensitive inputs into a function to compute a common output. While the cryptography protects the privacy of the inputs in as much as possible, it cannot protect against any inferences that could be made from the knowledge of the computed output, and the knowledge of the function that was computed with. In the technical literature, such information flow is described as "unavoidable" and typically ignored. Our research has made this information flow the express object of study and our first tools provide users a means of assessing the risk of using secure multi-party computation. Our tools help answer questions such as "For which input values that I supply can I get assurance that other parties won't learn too much information about my input for a given function to be computed by all parties?" We provide such insights in quantitative form, using concepts from information theory and formal verification. We now also understand how to use optimisation techniques to add controlled noise to such computations so that privacy is guaranteed while trading off the strength of such guarantees with the precision of the intended computation. We have also developed a tool ManyOpt for the objective of reasoning about cybersecurity in systems that contain logical constraints and non-linear considerations such as probabilities. And we have participated in an effort of using knowledge representation languages to capture aspects of trustworthiness in cyber physical systems so that this can support designers, engineers, and implementers of such systems.
Exploitation Route In the long-term, one can image that versions of our methods are wrapped around commercial secure-multi party computation tools, so that application users can assess the risks of engaging in such computations before entering such computations. Also, the tool ManyOpt is hoped to be extended to reasoning about transcendental functions, so this will open up the representation and analysis of cybersecurity of cyber physical systems so that non-linear optimisation for it can be supported with rich logical constraints, which is not really possible in current optimisation approaches.
Sectors Aerospace, Defence and Marine,Chemicals,Digital/Communication/Information Technologies (including Software),Financial Services, and Management Consultancy

 
Description Our work on mathematical modelling of a particular cryptographic puzzle mechanism for blockchains, known as Proof of Work, has received attention from a global bank - which then funded a PhD studentship on Blockchain for Finance with us. This work has also led to interest from some of the core code developers of the Ethereum cryptocurrency, especially in its Enterprise Alliance. Our collaboration with people from Oxford University and XAIN AG Research has helped with creating a successful pilot project of XAIN/Porsche, we refer to https://youtu.be/KvyF78RTj18 for some details on that. Our collaboration with US NIST has also had some impact in that it has influenced their project on integrating modelling and reasoning into their CPS framework, the relevant paper is found at https://spiral.imperial.ac.uk:8443/handle/10044/1/57662
First Year Of Impact 2016
Sector Aerospace, Defence and Marine,Digital/Communication/Information Technologies (including Software),Financial Services, and Management Consultancy,Healthcare,Transport
Impact Types Economic

 
Description Delegate of USITO in Beijing, China, on Cryptography and Blockchain Technology, Standards, and Policy
Geographic Reach Asia 
Policy Influence Type Membership of a guideline committee
 
Description Expert Input into ISO/SEC Standards Inivitative on Trustworthiness, 20 July 2017, Beijing, China
Geographic Reach Multiple continents/international 
Policy Influence Type Participation in a advisory committee
 
Description Collaboration on Formal Techniques to Arms Verification 
Organisation Atomic Weapons Establishment
Country United Kingdom 
Sector Private 
PI Contribution AWE plc and their Arms Verification Group. He have transferred capabilities from formal methods, notably SMT solvers, to the domain of modelling arms inspection and verification scenarios. This has given the Arms Verification Group at AWE new insights and modelling & analysis tools that were also applied on a case study based on the UK-Norway 2018 Initiative. This collaboration is ongoing; AWE is very interested in high-assurance modelling and optimization for decision support, and we are working on tools that can provide such support.
Collaborator Contribution AWE hosted some meetings with stakeholders within AWE but also within government agencies. AWE also supplied crucial test data for our approaches, and influenced the writing of the paper that was published at INMM 2017, the flagship venue for the nuclear materials industry.
Impact Software at https://bitbucket.org/pjbeaumont/inmm2016/ Disciplines involved are nuclear policy, nuclear physics, decision sciences, mathematical optimization, social science
Start Year 2016
 
Description Collaboration with Optimization Group and Chemical Engineers 
Organisation Imperial College London
Department Department of Chemistry
Country United Kingdom 
Sector Academic/University 
PI Contribution We have began a collaboration with colleagues in our department who specialize in mathematical programming and its applications in engineering, chemical engineering and bioengineering in particular. This is very promising as we provide the expertise and know-how of recent advanced in automated reasoning, symbolic computation, and formal verification, whereas they (Notably Dr Ruth Misener) are leading international experts on MINLP programming and its application to challenging optimization problems in engineering.
Collaborator Contribution The partners provide test cases in the form of MINLP models and benchmarks, domain knowledge from chemical engineering, and consult on where to public in their communities. They also plan to write papers with us about the synergy potential of formal methods and mathematical programming. We also hope to look at threat models in engineering, within an IoT context and apply our new optimization techniques there.
Impact It is too early for listing any outputs on this.
Start Year 2017
 
Description Collaboration with network from University of Oxford and XAIN company 
Organisation XAIN AG
PI Contribution We assisted in the experimental work and mathematical modelling for governed blockchain technology, including its threat modelling. We co-created a new variant of consensus algorithm that may consume much less energy than Proof of Work. This has been integrated and tested in a pilot project with XAIN/Porsche (which also contains other work that we did not contribute to). A good overview of this is seen in the following clip: https://youtu.be/KvyF78RTj18
Collaborator Contribution The contributions by the Oxford team were in the machine learning aspects for anomaly detection of blockchain systems, and in the company XAIN by transferring such knowledge into practice through a real-world demonstrator.
Impact We publishes a "Yellow Paper" at https://www.xain.io/pdf/XAIN_Yellow_Paper.pdf and this is interdisciplinary in that it covers EEE, Computer Science, and Automotive.
Start Year 2017
 
Description Collaboration with people at US NIST 
Organisation National Institute of Standards & Technology (NIST)
Country United States 
Sector Public 
PI Contribution We have begun to collaborate with people at NIST on Trustworthiness of Cyber Physical Systems (CPS). This also involves someone from Intel and a researcher from a prominent US Business School (Saint Joseph's University). We held a workshop in December at Imperial in which the framework that NIST has proposed for this issue was discussed and feedback given. Our contributions were in assisting the modelling and development of knowledge representation and reasoning about the trustworthiness of CPS. We also mean to extend that to quantitative reasoning, where we locally will bring needed expertise.
Collaborator Contribution They have lead the strategic direction of this work, which is very much about impact in several verticals.
Impact A first key output of this is a paper to be presented at the IET PETRAS conference on Living in the Internet of Things: https://spiral.imperial.ac.uk:8443/handle/10044/1/57662
Start Year 2017
 
Description Blockchain Event at the European Finance Forum, Old Stock Exchange, Frankfurt, Germany 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Professional Practitioners
Results and Impact This was an event in which professional practitioners and policy makers (bankers, lawyers, regulators, and so forth) met to find out about blockchain technology and its opportunities and challenges. Michael Huth gave a keynote that surveyed this space and he also served on a panel that answered questions from the audience.
Year(s) Of Engagement Activity 2016
URL http://www.europeanfinanceforum.org/Meeting.45.0.html?&no_cache=1&eventanchor=2420&location=&cHash=5...
 
Description Industrial Internet of Things event for Corporate Members at Chatham House 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact I was invited to give a presentation about the Internet of Things and Security Issues for it. Alison Vincent, the UK CTO of Cisco was the other speaker. The technical editor of the Financial Times then chaired a debate with the audience. This was also a good opportunity to promote the PETRAS IoT Research Hub.
Year(s) Of Engagement Activity 2016
URL https://www.chathamhouse.org/event/industrial-internet-things
 
Description Logic Teaching For Science and Engineering in the 21st Century 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Postgraduate students
Results and Impact Michael Huth was invited to present his views on teaching logic in computer science at a high-profile "Logic Lounge". Huth argued for the need to broaden the use of logical tools to all engineering disciplines, in particular for the design, implementation, and assurance of Cyber Physical Systems and their trustworthiness.
Year(s) Of Engagement Activity 2017
URL http://www.vcla.at/2017/08/logiclounge-in-memoriam-helmut-veith/
 
Description Multiple Views on Blockchain: Technology, Use Cases, Economics, and Policies 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Policymakers/politicians
Results and Impact The event was organized by Trusted Digital Life, based in The Hague, The Netherlands, in conjunction with people from Intel, Microsoft, and other ICT businesses. Michael Huth gave a presentation on Blockchain Technology and its trustworthiness issues, also pertaining to architectural choices of such technology. He then also served on a panel on research foundations for Blockchain Technology.
Year(s) Of Engagement Activity 2016
URL https://trustindigitallife.eu/events/past-events/multiple-views-on-blockchain-technology-use-cases-e...
 
Description Panel Member and Speaker at US NIST event on Trustworthiness of Cyberphysical Systems 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact This was a high-profile, one-day workshop at the US NIST regarding their proposed framework and guidance for the design, implementation, and validation of trustworthy cyberphysical systems. All panel sessions and keynotes were recorded are are accessible to the general public at the URL below. Michael Huth served on two panels and was asked to present his views on trustworthiness R&D in cyberphysical systems, which was also an opportunity to highlight the PETRAS IoT Research Hub to the US and global audience.
Year(s) Of Engagement Activity 2016
URL https://www.nist.gov/news-events/events/2016/08/exploring-dimensions-trustworthiness-challenges-and-...
 
Description Panelist on Future IoT Security at the SecCon 2017 conference by CISCO 
Form Of Engagement Activity A formal working group, expert panel or dialogue
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Senior Members of the PETRAS IoT Hub were invited to serve on a panel at the internal CISCO flagship security conference, which also brings along CISCO partners. We were asked about our views on IoT cybersecurity and its influence on policy, standards, acceptability, and related aspects.
Year(s) Of Engagement Activity 2017
 
Description Position Talk and Panel Membership at "From Research to Innovation - The Blockchain Era", The Press Club, Brussels, Belgium, 6 June 2017 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Policymakers/politicians
Results and Impact Assessing the viability of blockchain applications. Priorities for research. Supporting Public Policy Priorities. New Ideas, New Scenarios. These themes are discussed through talks, panels, audience Q&A, and involved a broad audience of decision makers, policy makers, industrial and business people, politicians, and some media.
Year(s) Of Engagement Activity 2017
URL https://trustindigitallife.eu/events/blockchain-conferences/research-innovation-blockchain-era/
 
Description Presentation at Workshop on Theory and Practice of Secure Multi-Party Computation 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact Patrick Ah-Fat attended the above workshop to learn more about this research topic and its practical relevance. He also presented his first results of his PhD work, which concern important security considerations of making such technology practically secure.
Year(s) Of Engagement Activity 2016
URL http://ctic.au.dk/events/workshops-conferences/mpc-2016/
 
Description Toward a Calculus for Logical Optimization of Trustworthy CPS 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact This event was co-organized between Michael Huth (Imperial College London) and Edward Griffor (US National Institute of Standards and Technology) on 11December 2017 in London, UK. This event had two aims: to report on research undertaken toward a Calculus for Logical Optimization of Trustworthiness and other Aspects of Cyber Physical Systems, and to solicit feedback and identify collaboration opportunities for research in that space. The event reviewed the US NIST Framework for Cyber Physical Systems, especially how it supports the Trustworthiness Concern in the Design, Implementation, and Validation of Cyber Physical Systems. The event also presented how Ontologies and their Reasoning Capabilities can support such engineering activities through analyses can explore multiple concerns and their relationships both qualitatively and quantitatively, for example through the use of parameters or probabilities to inform risk management. A broad set of stake holders was in attendance, e.g. people from IBM, Intel, UK Government Agencies, and PETRAS academics.
Year(s) Of Engagement Activity 2017
 
Description co-editor of thematic issue of Royal Society Open Science journal, dedicated to blockchain technology 
Form Of Engagement Activity A magazine, newsletter or online publication
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact I was asked by a subject editor of this journal to propose such a thematic issue, which I did with Ghassan Karame (NEC Laboratories Europe) and Claire Vishik (Intel USA). The issue is expected to be launched at the end of 2018, perhaps with a launch event at the ATI.
Year(s) Of Engagement Activity 2018