Offre en lien avec l’Action/le Réseau : – — –/Doctorants

Laboratoire/Entreprise : ICUBE/Université de Strasbourg
Durée : 36 mois
Contact : pierre.parrend@unistra.fr
Date limite de publication : 2020-06-30

Contexte :
ANR Artic Project, program « contrats doctoraux en intelligence artificielle »

Lieu de travail Strasbourg – Grand Est – France
Champs scientifiques Informatique
Direction : Pierre Parrend, Prof. HDR, ECAM Strasbourg-Europe
Co-Direction : Aline Deruyver, McF HDR, Université de Strasbourg

Mots clés
IA explicable; IA transférable; Détection d’anomalies; cyber-attaques complexes

Sujet :
The Artificial Immune Ecosystem supports detection, memory and tolerance for detecting complex cybersecurity attacks like multi-step or zero-day attacks.
Detection finds unusual patterns likely to be a malicious behaviour. Memory stores these patterns for latter detection. Tolerance uses expert feedback and storage of earlier non-malicious patterns to reduce false positives.

To support an efficient analysis and reaction process, the models extracted for a given IT ecosystem must exhibit two key properties of artificial intelligence: explainability and transferability. Explainability ensures that the cybersecurity administrator have enough information to identify, characterize and react to suspicious traffic. Transferability leverages the knowledge gathered in one given context to bootstrap analysis in another. It requires 1)that the model can be extracted and 2)that it can be tailored to a new environment, abstracting away system-specific detectors and supporting adaptability to identify new anomalies.

Following a literature review on explainable and transferable Artificial Intelligence for Cybersecurity, a new model will be proposed and evaluated wrt. state of the art algorithms. Neural networks (such as MLP) and tree-based approaches (such as Isolation Forrests), which both exhibit major performance benefits for detection while having very distinct pre-conditions on data availability and required computing power, will be considered in priority. If relevant, this model will be challenged through cybersecurity or datascience competitions.

Profil du candidat :
Master and/or Engineer in computer science, with major in Artificial Intelligence or Cybersecurity.

Please send us a CV as well as the Master / engineering school transcripts, as well as your rankings, by email to: pierre.parrend@unistra.fr.

Any scientific publications (including unpublished scientific reports) are a plus in the application.

Formation et compétences requises :
The following skills are an important selection criterion for this thesis project:
* Machine learning
* Or: Statistics for data science
Theoretical knowledge as well as a first practical experience are expected.

Skills in graph theory, or cybersecurity, are an important asset.

Writing skills in English (and for native speakers in French) are very important for the success of a doctoral thesis in computer science.

Adresse d’emploi :
Laboratoire ICube, 11, Rue Humann, 67000 Strasbourg

Document attaché : 202005140655_Explainable and transferable Anomaly Detection for cybersecurity.pdf