CEDoc-College of Computing/CYSA: An AI-based cybersecurity framework for Full-time

Introduction:

Mohammed VI Polytechnic University is an institution dedicated to research and innovation in Africa and aims to position itself among world-renowned universities in its fields The University is engaged in economic and human development and puts research and innovation at the forefront of African development. A mechanism that enables it to consolidate Morocco’s frontline position in these fields, in a unique partnership-based approach and boosting skills training relevant to the future of Africa. Located in the municipality of Benguerir, in the very heart of the Green City, Mohammed VI Polytechnic University aspires to leave its mark nationally, continentally, and globally.

Context:

With the rapid advancements of technology and the increasing dependence on interconnected systems, ensuring robust cybersecurity measures has become a critical concern in today’s digital landscape. The emergence of artificial intelligence (AI) offers new possibilities for bolstering security mechanisms, but it also introduces novel challenges and vulnerabilities.

The continued evolution of nation-state-affiliated and criminal adversaries, as well as the increasing sophistication of cyberattacks, are finding new and invasive ways to target even the savviest of targets. This evolution is driving an increase in the number, scale, and impact of cyberattacks, and necessitating the implementation of intelligence-driven cybersecurity to provide dynamic protection against evolving cyberattacks and to manage big data. Advisory organizations are encouraging the use of more proactive and adaptive approaches by shifting towards real-time assessments, continuous monitoring, and data-driven analysis to identify, protect against, detect, respond to, and recover from cyberattacks (e.g. ransomware) to prevent future security incidents.

Intrusion Detection systems (IDS) represent a key asset to detect cyber-attacks and malicious activities. In deep, detecting an attack in the first steps of a kill chain may reduce drastically the impacts on the targeted organization. In recent years, machine learning has emerged as a powerful tool in intrusion detection as malicious actors have found ways to bypass traditional signature-based IDS (as modifying the signature of malware is a service provided by dark web marketplaces). Numerous datasets have been shared publicly: UNSW-NB15, NSL-KDD, KDD99, and ToN-IOT are some of the well-known ones.

This research project aims to leverage recent initiatives in current state-of-the-art IDS using machine learning techniques for efficient attack detection and expand it to the most pressing industry challenges in the face of evolving cyber threats. This multidisciplinary work adopts a comprehensive approach by integrating concepts from computer science, machine learning, data analysis, cybersecurity, and real-world industrial case studies.

Research objectives:

The methodology of this research will involve:

• Reviewing current literature to identify gaps and opportunities in intrusion detection systems.
• Designing and implementing machine learning models tailored for specific types of cyberattacks.
• Applying optimization algorithms to enhance model training and feature selection.
• Testing the models on public cybersecurity datasets and analyzing their performance metrics.
• Testing the models on real data by collaborating with industry partners to gather feedback and refine the models accordingly.

The expected outcome of the project is a scalable, efficient, robust, and effective IDS framework.

Admission Criteria:

• Prospective candidates should possess a strong background in cybersecurity and deep learning.

• Proficiency in programming languages, e.g., Python.

Candidates are invited to submit their applications, including a detailed CV and academic transcripts. Email: anas.motii@um6p.ma

UM6P.