Organization sPecific Threat Intelligence Mining and sharing

MSCA (Marie Skłodowska-Curie)HORIZON-TMA-MSCA-PF-EFID: 101063107
EC Contribution
€1,886
Consortium Size
4 orgs
Start Year
2022
Summary

The OPTIMA project (Organization sPecific Threat Intelligence Mining and sharing) aims to design techniques and tools for the extraction of Threat Intelligence targeted to organizations using ML algorithms, and effectively share attack records using privacy-preserving methods. The project will use technologies to protect societies from cyber-attacks and sophisticated threats prioritized in the European Council’s New Strategic Agenda. The key beneficiaries of the project are (a) security operation center-to support real time monitoring (b) incident response, threat hunting, fraud detection team-to prioritize risk (c), operational leaders- to prioritize activities of IT staff and (d) Strategic leaders such as Chief Information Security Officers - to make well-informed business decisions. This project will be executed at the University of Padua, under the supervision of Prof. Mauro Conti. The project will investigate solutions for the core questions: RQ1: How effectively can ML algorithms extract organization-specific threat artefacts to be utilized for preparing actionable Threat Intelligence? RQ2: How can organizations share threat intelligence without disclosing their private information to others?The objectives (SO) of the project are as follows: 1.SO1-To develop techniques for automatic extraction of threat intelligence using OSINT data for diverse IT industries (health care, finance, IoT, education, etc.) using deep learning approaches.2.SO2-To create a novel automated system to derive Indicator of Compromise (IOC) based on word embedding and syntactic dependencies of words to identify unseen IOCs. Utilizing the extracted IOCs a threat index will be estimated to define the impact of threat and attack trends across individual organizations;3.SO3-To build a system by integrating cryptographic tools and Federated learning which will enable an organization to anonymously share threat logs with different parties in a privacy-preserving manner

Consortium (4)

Project Results (18)

Source: CORDIS, the EU research results database.

Publications (15)
SoK: Visualization-based Malware Detection Techniques
Proceedings of the 19th International Conference on Availability, Reliability and Security· 2025DOI
Matteo Brosolo, Vinod Puthuvath, Asmitha KA, Rafidha Rehiman, Mauro Conti
Through the static: Demystifying malware visualization via explainability
Journal of Information Security and Applications· 2025DOI
Matteo Brosolo, Vinod P., Mauro Conti
Android malware defense through a hybrid multi-modal approach
Journal of Network and Computer Applications· 2024DOI
Asmitha K.A., Vinod P., Rafidha Rehiman K.A., Neeraj Raveendran, Mauro Conti
Computer Communications
Computer Communications· 2024DOI
Sameera, K. M., Serena Nicolazzo, Marco Arazzi, Antonino Nocera, Rafidha Rehiman KA, P. Vinod, and Mauro Conti.
Deep learning fusion for effective malware detection: leveraging visual features
Cluster Computing· 2024DOI
Jahez Abraham Johny, K. A. Asmitha, P. Vinod, G. Radhamani, K. A. Rafidha Rehiman, Mauro Conti
Deep learning vs. adversarial noise: a battle in malware image analysis
Cluster Computing· 2024DOI
Asmitha, K. A., Vinod Puthuvath, K. A. Rafidha Rehiman, and S. L. Ananth.
LFGurad: A Defense against Label Flipping Attack in Federated Learning for Vehicular Network
Computer Networks· 2024DOI
Sameera K.M., Vinod P., Rafidha Rehiman K.A., Mauro Conti
OSTIS: A novel Organization-Specific Threat Intelligence System
Computers & Security· 2024DOI
Dincy R. Arikkat, Vinod P., Rafidha Rehiman K.A., Serena Nicolazzo, Antonino Nocera, Georgiana Timpau, Mauro Conti
Relation Extraction Techniques in Cyber Threat Intelligence
Lecture Notes in Computer Science, Natural Language Processing and Information Systems· 2024DOI
Dincy R. Arikkat, P. Vinod, Rafidha Rehiman K. A., Serena Nicolazzo, Antonino Nocera, Mauro Conti
SecDefender: Detecting low-quality models in multidomain federated learning systems
Future Generation Computer Systems· 2024DOI
Sameera K.M., Arnaldo Sgueglia, Vinod P., Rafidha Rehiman K.A., Corrado Aaron Visaggio, Andrea Di Sorbo, Mauro Conti
SeCTIS: A framework to Secure CTI Sharing
Future Generation Computer Systems· 2024DOI
Dincy R. Arikkat, Mert Cihangiroglu, Mauro Conti, Rafidha Rehiman K.A., Serena Nicolazzo, Antonino Nocera, Vinod P.
vDefender: An explainable and introspection-based approach for identifying emerging malware behaviour at hypervisor-layer in virtualization environment
Computers and Electrical Engineering· 2024DOI
Avantika Gaur, Preeti Mishra, Vinod P., Arjun Singh, Vijay Varadharajan, Uday Tupakula, Mauro Conti
Effectiveness of machine learning based android malware detectors against adversarial attacks
Cluster Computing· 2023DOI
Jyothish, A., Mathew, A. & Vinod, P
Interpretable PDF Malware Detector
SINCONF· 2023DOI
Sneha Rajagopal C.H.M.M College For Advanced Studies, Trivandrum, Kerala, India ; Avanthika Gaur; P. Vinod
IntellBot: Retrieval Augmented LLM Chatbot for Cyber Threat Knowledge Delivery
Dincy R. Arikkat, Abhinav M., Navya Binu, Parvathi M., Navya Biju, K. S. Arunima, Vinod P., Rafidha Rehiman K. A., Mauro Conti
Deliverables (2)
Other Results (1)
Periodic Reporting for period 1 - OPTIMA (Organization sPecific Threat Intelligence Mining and sharing)