Hybrid Threats
Lead Research Organisation:
University College London
Department Name: Computer Science
Abstract
In recent years, hybrid threats have attracted growing interest from governments, inter-governmental organisations, defence and security communities, and academia. Such threats increasingly target people through coordinated exploitation of vulnerabilities across domains, aiming to undermine trust in authorities and cause social unrest.
Recent technological advancements have enabled adversaries to integrate cyberattacks and online misinformation campaigns into their attack strategies. By coordinating such attacks, the adversary can amplify the potential for harm or disruption.
Despite extensive research on independent threats and the relevant detection and response actions, research on hybrid attacks and defensive countermeasures remains limited, creating a gap in our understanding of these complex threats. This gap is concerning as such attacks can have a significant and long-lasting impact on the attitudes and opinions of the targeted people. Developing effective defence strategies is essential to mitigate the potential impacts.
The research proposes a multi-agent deep reinforcement learning (MARL) approach to devise an attack strategy that effectively coordinates attacks across domains and a defence strategy that adapts to such evolving adversarial behaviours. Specifically, the focus is on coordinated cyberattacks and misinformation campaigns. The reasons for choosing this method and scope are that they reflect the increasingly multi-faceted nature of modern threats. Malicious actors leverage the digital and informational spheres to gain strategic advantages. These domains present unique challenges due to their complexity and dynamic nature, making traditional methods less effective. MARL can handle complex decision-making scenarios, thus offering a promising way to model and assess the impact of such sophisticated attack and defence strategies.
This research defines hybrid threats as strategically coordinated actions that exploit vulnerabilities in the cyber and information domains to influence behaviour and shape the target audience's opinions. In this research, malicious agents and defenders use deep reinforcement learning for decision-making. Modelling and simulation are used to analyse the strategic behaviour of agents with hybrid capabilities, their impact on the behaviours and opinions of other agents, and relevant defence countermeasures. This research contributes to the growing body of literature on hybrid threats.
Recent technological advancements have enabled adversaries to integrate cyberattacks and online misinformation campaigns into their attack strategies. By coordinating such attacks, the adversary can amplify the potential for harm or disruption.
Despite extensive research on independent threats and the relevant detection and response actions, research on hybrid attacks and defensive countermeasures remains limited, creating a gap in our understanding of these complex threats. This gap is concerning as such attacks can have a significant and long-lasting impact on the attitudes and opinions of the targeted people. Developing effective defence strategies is essential to mitigate the potential impacts.
The research proposes a multi-agent deep reinforcement learning (MARL) approach to devise an attack strategy that effectively coordinates attacks across domains and a defence strategy that adapts to such evolving adversarial behaviours. Specifically, the focus is on coordinated cyberattacks and misinformation campaigns. The reasons for choosing this method and scope are that they reflect the increasingly multi-faceted nature of modern threats. Malicious actors leverage the digital and informational spheres to gain strategic advantages. These domains present unique challenges due to their complexity and dynamic nature, making traditional methods less effective. MARL can handle complex decision-making scenarios, thus offering a promising way to model and assess the impact of such sophisticated attack and defence strategies.
This research defines hybrid threats as strategically coordinated actions that exploit vulnerabilities in the cyber and information domains to influence behaviour and shape the target audience's opinions. In this research, malicious agents and defenders use deep reinforcement learning for decision-making. Modelling and simulation are used to analyse the strategic behaviour of agents with hybrid capabilities, their impact on the behaviours and opinions of other agents, and relevant defence countermeasures. This research contributes to the growing body of literature on hybrid threats.
Planned Impact
The EPSRC Centre for Doctoral Training in Cybersecurity will train over 55 experts in multi-disciplinary aspects of cybersecurity, from engineering to crime science and public policy.
Short term impacts are associated with the research outputs of the 55+ research projects that will be undertaken as part of the doctoral studies of CDT students. Each project will tackle an important cybersecurity problem, propose and evaluate solutions, interventions and policy options. Students will publish those in international peer-reviewed journals, but also disseminate those through blog posts and material geared towards decision makers and experts in adjacent fields. Through industry placements relating to their projects, all students will have the opportunity to implement and evaluate their ideas within real-world organizations, to achieve short term impact in solving cybersecurity problems.
In the longer term graduates of the CDT will assume leading positions within industry, goverment, law enforcement, the third sector and academia to increase the capacity of the UK in being a leader in cybersecurity. From those leadership positions they will assess options and formulate effective interventions to tackle cybercrime, secure the UK's infrastructure, establish norms of cooperation between industries and government to secure IT systems, and become leading researcher and scholars further increasing the UK's capacity in cybersecurity in the years to come. The last impact is likely to be significant give that currently many higher education training programs do not have capacity to provide cybersecurity training at undergraduate or graduate levels, particularly in non-technical fields.
The full details of our plan to achieve impact can be found in the "Pathways to Impact" document.
Short term impacts are associated with the research outputs of the 55+ research projects that will be undertaken as part of the doctoral studies of CDT students. Each project will tackle an important cybersecurity problem, propose and evaluate solutions, interventions and policy options. Students will publish those in international peer-reviewed journals, but also disseminate those through blog posts and material geared towards decision makers and experts in adjacent fields. Through industry placements relating to their projects, all students will have the opportunity to implement and evaluate their ideas within real-world organizations, to achieve short term impact in solving cybersecurity problems.
In the longer term graduates of the CDT will assume leading positions within industry, goverment, law enforcement, the third sector and academia to increase the capacity of the UK in being a leader in cybersecurity. From those leadership positions they will assess options and formulate effective interventions to tackle cybercrime, secure the UK's infrastructure, establish norms of cooperation between industries and government to secure IT systems, and become leading researcher and scholars further increasing the UK's capacity in cybersecurity in the years to come. The last impact is likely to be significant give that currently many higher education training programs do not have capacity to provide cybersecurity training at undergraduate or graduate levels, particularly in non-technical fields.
The full details of our plan to achieve impact can be found in the "Pathways to Impact" document.
Organisations
People |
ORCID iD |
| Stephen Hailes (Primary Supervisor) | |
| Kärt Padur (Student) |
Studentship Projects
| Project Reference | Relationship | Related To | Start | End | Student Name |
|---|---|---|---|---|---|
| EP/S022503/1 | 01/04/2019 | 23/11/2028 | |||
| 2401125 | Studentship | EP/S022503/1 | 01/10/2020 | 30/09/2024 | Kärt Padur |