The project's goal is to research and develop a system for collecting and processing indicators of compromise (e.g., domain name) from computer networks and their usage for improving cyber security. Security improvements will be achieved by creating a central model describing different attacks on different networks and distributing this model back to the monitored networks. This will enable proactive detection of network threats that attackers have not yet attacked. Because threat information may contain sensitive information, privacy-preserving techniques will be used in the project solution. Another research direction will focus on the possibilities of using large language models of the GPT model type to explain detected threats based on historical knowledge.
01/2024-12/2025
TM05000014