Collaboration on cyberattacks provides lessons on cyberdefence

De tre forskarna mitt i vimlet på Ångströmlaboratoriet

The current research project of Andreas Johnsson, Christian Rohner and Salman Toor focuses on cybersecurity solutions in industrial digital systems. Photo: Mikael Wallerstedt

With an increasing number of cyberthreats and data breaches, advanced digital solutions are needed to protect critical operations. In a new Vinnova-funded project, Uppsala researchers are developing new methods to secure industrial systems. “The challenge is to combine defence strategies with the next generation of AI detection systems”, says Christian Rohner, who is professor of computer systems.

Today, cybersecurity is high on the global agenda. To prevent incidents and disruptions with potentially serious consequences, investments in prevention and research are increasing. Last year, the research funding agency Vinnova announced funding for cybersecurity solutions in industrial digital systems. One of the projects that has been granted funding is led by Professor Christian Rohner at the Department of Information Technology.

"We rely more and more on systems that are based on the interconnecting network or the Internet of Things. In this project, we explore how to detect attacks on such systems, including by learning from each other’s experiences using privacy-preserving machine learning.”

Training models on different data sets

Together with colleagues Salman Toor and Andreas Johnsson, Christian Rohner trains algorithms using data from previously recorded attacks against different actors. The researchers build their models based on so-called federated machine learning, whereby training data is linked from scattered computing units. Actors retain control over their data, which is also not shared with others. This is particularly beneficial for organisations such as hospitals and banks that handle sensitive information, according to Christian Rohner.

“We build common but parallel machine learning models at the local level. The models are then aggregated in a hierarchical structure, which hopefully contains knowledge about a large number of attacks. This will allow us to simulate attack variations, which will make the systems better prepared for the future.”

Platform made available to industry

The Robust IoT Security: Intrusion Detection Leveraging Contributions from Multiple Systems project is a collaboration between Uppsala University and the company Scaleout Systems AB. Scaleout Systems is a spin-off company from the Department of Information Technology at Uppsala University. According to the company’s technical director and co-founder, Salman Toor, selected parts of the project will result in an open-source educational platform that will be available to researchers and industry.

Porträtt av de tre forskarna mot en vit vägg

The researchers train algorithms using data from previously recorded attacks against different actors. Photo: Mikael Wallerstedt

The goal is to develop so-called intrusion detection systems (IDS) for future implementation in Swedish industry.

“All businesses will need to be digitalised, as value chains are connected and value networks are formed”, explains Salman Toor. “At the same time, it is a challenge when entire business ecosystems are expected to share data with each other.”

How do you ensure that confidential information is not disclosed when machine learning models are connected and data begins to be shared?

“There is a risk of that”, says Andreas Johnsson. “When these technologies are implemented on a large scale, we expect issues and challenges to arise that need to be addressed. In the project, we are also working on methods to try to avoid those scenarios – for example, by the use of preventive security work as early as possible in the process.”

Calls for broader collaboration within the university

Last year, the field of systems and cybersecurity was also designated as one of the areas of strength at the Faculty of Science and Technology, with Christian Rohner as coordinator. One of the plans is to extend the activities to other disciplinary domains. Another is to create a risk lab for workshops on cybersecurity and smart technologies such as sensors.

“We want to strengthen cooperation in cybersecurity-related research and education. The goal is to develop an inclusive platform for the whole university that engages, provokes thoughts and also involves the social aspects of cybersecurity”, says Christian Rohner.

Anneli Björkman

Facts about the project "Robust IoT Security"

  • Last autumn, the project Robust IoT Security: Intrusion Detection Leveraging Contributions from Multiple Systems was granted funding from Vinnova within the call Cybersecurity for industrial advanced digitalisation 2023.
  • The projects that will receive funding will develop solutions to the cybersecurity challenges that arise when Swedish industry implements new advanced digitalisation solutions.
  • The project grant to Uppsala University amounts to just over SEK 4.6 million, and the project period is two years.

Subscribe to the Uppsala University newsletter