Simulates cyberattacks to find countermeasures

We can be of great benefit in the prevention of attacks and sabotage in vital societal functions, it is an important research contribution, says Dragos Ilie, researcher in computer science and IT security.

Increasing computing power and the number of interconnected functions – many opportunities but unfortunately also risks of malicious attacks. Dragos Ilie conducts research in computer science to make it harder and more expensive to carry out cyber-attacks.

“The incentive for those who carry out attacks is often money, for example, by locking data that you recover if you pay or by selling on large amounts of personal data they have gained access to, and attacks are carried out in an organised manner. We increase the knowledge on attacks and find vulnerabilities in systems and functions”, says Dragos Ilie.

Simulations of cyber-attacks to find countermeasures 
An important part of our work is a cloud-based test environment in which researchers and students study cyber-attacks in a closed environment to understand vulnerabilities in systems, access points and developments of attacks and how countermeasures should be developed. Network security, trusted computing and test environments are areas in which BTH contributes to many collaboration projects.

“One of my lines of research focuses on detecting malware. For example, we study a special type of software that remains hidden by modifying its own code. To detect it we use deep learning, an advanced AI method”, says Dragos Ilie.

He asserts that a general security issue is the major operative systems that the whole world uses without having any or very little insight into the development. Many attacks exploit vulnerabilities in these specific systems, despite the manufacturers working hard to keep the product in good condition.

“The international systems are sensitive from a security point of view, we have to live with that, and instead create preparedness in society with an increased knowledge of network and computer security. It is an important function for the research and education at BTH”, says Dragos Ilie.

Online safety – a question of knowledge  
Alongside technology development, increased knowledge and awareness among users is the most important measure for safety. Program codes that are created for malicious purposes search for vulnerabilities and are sent out automatically and widely, no user is unimportant, anyone can be affected. The source is everything from individual hackers to organised crime.

“Our general advice to the public is to use antivirus software, not to click on unknown files in emails and to choose long passwords that are hard to guess. That goes a long way to protect from common attacks directed at the user’s computer. However, a connected and unprotected electricity meter can also provide access to your home WiFi”, says Dragos Ilie.

Security architecture is often BTH’s contribution in different development projects. For concrete solutions, BTH participates in parts of the development.

“We are a public actor and our results are not classified. We contribute with expertise, education, testing, and the creation of prototypes but it is the company that owns the problem and has the holistic perspective of their security-classified systems”, says Dragos Ilie.

AI can contribute to increased safety  
BTH also collaborates internationally on increased safety. For AI functionality to be easily accessed by developers, a European marketplace for AI is being created that is similar to existing marketplaces for apps. BTH contributes with knowledge and methods that prevent or make it difficult for users to bypass component licences and to make unauthorised modifications to the AI components.

“Protection is required to ensure the AI modules are not copied and misused”, says Dragos Ilie.

A dream project for Dragos Ilie and his colleagues would be to broaden the work on the protection of critical social infrastructure such as electricity, water, trains, ports and telecommunications.