Back to search

IKTPLUSS-IKT og digital innovasjon

Operable Subjective Logic Analysis Technology for Intelligence in Cybersecurity

Alternative title: Oslo Analytics

Awarded: NOK 10.8 mill.

Oslo Analytics was a research project in cyber security at the University of Oslo. The project focused on developing new technology for automated detection, prediction and prevention of cyber attacks. For example, the project conducted research on artificial intelligence for situational awareness during cyber attacks. Given that cyber threats are constantly changing, tools for cyber security must be flexible and be able to adopt new advanced methods for maintaining effective defense. Cyber threat intelligence, machine learning, and trust calculation are examples of methods that were used. The partners in Oslo Analytics were i.a. mnemonic, which is a key industry player in cybersecurity, and rhe Norwegian Computing Centre, which has cutting-edge expertise in computer science and machine learning. The collaboration formed a strong environment for outstanding research in cyber security at the University of Oslo. The latest research results from Oslo Analytics were the participation in OASIS for standardization of CTI (Cyber Threat Intelligence) with UiO playing key roles, and the integration of machine learning techniques in practical threat modeling at mnemonic.

Oslo Analytics has contributed in a very significant way to global standardisation of CTI by being member of OASIS, where the major players in the industry meet. Produced standards are Open C2 (Command and Control), TAC (Threat Actor Context), and new version of STIX (Structured Threat Information eXpression). Automatic detection of domain-generation algorithms based on ML (Machine Learning) was developed. This technology has already attracted substantial attention in the cyber-security community, and has been successfully integrated in the professional cyber-intelligence tools used by Mnenmonic. This rapid uptake of research outcomes from the Oslo Analytics project for professional cybersecurity technology reflects very high quality of research. The work on Bayesian network models based on subjective logic is being adopted by industry around the world. The Australian company Veriluma produces intelligence analytics tools for military and law enforcement agencies.

Oslo Analytics aims at investigating and developing technology for automated cyberattack detection, prediction and prevention coupled with situational intelligence analysis. More specifically the project will build and validate innovative cybersecurity intelligence technology based on statistical analysis of security data as well as on subjective Bayesian networks for intelligence analysis. Given that modern cyberattacks are rapidly changing and are becoming increasingly stealthy and deceptive, cybersecurity tools must be sufficiently flexible and adaptable to this trend in order to be of any value. Oslo Analytics takes the approach that cybersecurity tools must be enhanced with advanced intelligence analysis capabilities to be able to meet these criteria. This type of tools will make government and private security agencies more potent against cybercrime in a world of rapidly changing security threats. Oslo Analytics brings together an international consortium of organisations with deep and solid expertise in their fields which have the capacity to produce valuable deliverables and, through their collaboration, create a strong community for excellence in cybersecurity intelligence.

Publications from Cristin

No publications found

No publications found

Funding scheme:

IKTPLUSS-IKT og digital innovasjon