Solayman’s first paper has been accepted for presentation at the 15th International Symposium on Foundations and Practice of Security (FPS 2022). The paper discusses the proposal of an evaluation framework for ML-based intrusion detection systems. It starts with a survey of recent works in the field of ML-based IDS and provides a comparison of their evaluation methodologies. We notice the lack of rigor with respect to ML best practices when public datasets are used. The corpus of works we studied often fail to anticipate common shortcomings such as unbalance, mislabelling or representativeness of the data. Additionally, although some novel evaluation methodologies were proposed in the field of intrusion detection, the community has been reluctant to apply them broadly. Our proposed framework attempts at combining the advances in both fields to improve the evaluation capabilities of intrusion detection systems that are based on learning models, often sensisitive to the quality of the data. If you happen to be in Ottawa at that time, come and let’s discuss!

Gregory, our PI, presented some first results obtained in Solayman’s thesis with respect to evaluating intrusion detection systems. In particular, the slides presented in Tokyo during the 7th French-Japanese Cybersecurity Workshop dealt with the contributions of AI to the evaluation of IDS, with a focus on dataset generation. GRIFIN’s project results were briefly mentioned with a framework destined to standardize the evaluation of ML-based IDS as proposed by Solayman in his thesis.

Today, it is with heavy heart that the GRIFIN project is relaying the sad news of Thomas Silverston’s passing. He was the coordinator of the LORIA partner, and one of the main supervisors of Solayman’s thesis. It is a huge loss to our project, and also as a friend.

Shurok just joined us at Télécom SudParis, Institut Polytechnique de Paris to work on the second doctoral project on Cognitive and Programmable Response. Before joining us, Shurok was completing an internship at the GRETTIA laboratory, Université Gustave Eiffel. She holds a Master in Intelligent Systems and Applications at Université Gustave Eiffel, where she specialized in modeling, simulation and data analysis of intelligent systems. Her acquired skills in AI and networking will be beneficial to the project.

GRIFIN will be presented at the poster session of the French symposium on the education and research community in information systems security (RESSI, a conference supported by the CNRS research group on cybersecurity (GDR Sécurité Informatique), on May 11th. The poster was teased during a project session. The poster and presentation materials are publicly available (poster) (slides)

The GRIFIN project team is offering a fully-funded (3 years) PhD position at Télécom SudParis, Institut Polytechnique de Paris to progress on AI-based countermeasure selection, intent-based countermeasure refinement and verification. More details on the thesis project are available in the proposal.

Solayman, our Ph.D student hosted at LORIA, Université de Lorraine, had the opportunity to present his ongoing thesis work at the French-Japanese Cybersecurity Workshop that was held online, on April 20th during the WG7 session on Network Security and Measurements. Solayman talked about the taxonomy he is currently building on the data-driven evaluation of intrusion detection systems. He highlighted the lack of a clear methodology to evaluate intrusion detectors, and in particular ML/AI-based ones, beyond the usual performance of detection metrics, and the widely used datasets. His proposal aims at drafting a framework enabling a modular evaluation of intrusion detection systems with respect to the properties to be evaluated. This work is expected to be submitted for publication later in this year.

A GRIFIN poster will be presented at the French Interdisciplinary Workshop on Global Security (WISG). The workshop is held online and features a number of invited talks on cryptography, fight against terrorism and fight against the COVID-19 pandemic. On the evening of January 25th, 2022, the poster session will be held, where participants can book appointments for discussing the poster with GRIFIN’s PI, Gregory. The poster describes GRIFIN in general, and advertises the vacant internship position. Registrants can make appointments via this page.