"False"
Skip to content
printicon
Main menu hidden.
En illustration där man ser en person sitta med laptop och inslag av olika tekniska möjligheter vad gäller moln och IT.

Image: Adobe Stock

Cyber Analytics and Learning

Research group We are developing AI and machine learning models for cutting-edge security solutions aimed at protecting critical infrastructure. At the same time, we effectively prevent any opportunity for attackers to use these technologies to break in and do harm.

Our research aims to develop the areas of machine learning, anomaly detection, security and privacy, and Edge AI. We combine principles to design, analyse and develop fundamental machine learning algorithms in several different application areas, including cloud RAN, Internet of Things (IoT), Edge cloud, Edge AI, Multi-cloud, anomaly detection and complex data analysis. We look forward to the security and privacy problem leveraging machine learning for various autonomous systems. Over the past five years, our interests have evolved to include topics in (big and small data) security analytics, machine learning, anomaly detection, threat modelling, adversarial attacks (e.g., backdoor, bit-flip), and Internet measurement. Our approach to researching these areas is considered exploratory, constructive, and empirical methods.

A common theme in our most recent research is developing or improving machine learning algorithms with applications to detect, prevent, and diagnose faults, failures, anomalies, or attacks from a single system to large-scale infrastructures. Further, we have been looking into security for AI systems against emerging attacks such as backdoor, bit-flip, poisoning, evasion, gradient leakage, and data leakage.

Part of ADS Lab

Our earlier work focused on understanding various security issues associated with multi-enterprise networks through design and analysis. The Cyber Analytics and Learning research group is part of the cutting-edge cloud research conducted within the Autonomous Distributed Systems Lab research group at Umeå University.

Research Areas

  • Machine learning – distributed, federated, responsible
  • Anomaly detection and resolution
  • Systems and AI security
  • Edge AI
  • Distributed systems

Machine learning

Almost all scientific and social disciplines are faced with an ever-increasing demand to analyze data that are unprecedented in scale (amount of data and its dimensionality), as well as the degree of corruption; noise, outliers, missing and indirect observations. Extracting meaningful information from such extensive and dirty data requires achieving the competing goals of computational efficiency and statistical optimality (optimal accuracy for a given amount of data). My research goal is to understand the fundamental tradeoffs between these two quantities and design algorithms that can learn and leverage the inherent structure of data in the form of clusters, graphs, subspaces and manifolds to achieve such tradeoffs.

Additionally, AI brings several benefits when deploying a model in real-time systems. These features open up several challenges to ensure trustworthiness. Here, the primary goal is to design algorithms that provide trustworthiness under different settings. These algorithms rigorously investigate the input, model and output, leveraging (a) geometric and statistical distribution of data, (b) adversarial features with a significant amount of attack variation, (c) internal behaviour analysis of models, (d) model-agnostic vulnerability analysis, (e) security-aware design of models to address the adversarial attacks, and (f) how responsible are they when deploying in real-time systems. These features improve the performance, scalability, robustness and transparency of the models. Further, it aims to explore the following aspects:

  • Privacy-preserving learning systems: How do we maximize the discovery capability of (deep) machine learning algorithms while maintaining data privacy with minimal resources? How do you ensure data privacy in federated learning and handle diverse privacy attacks? How do we ensure privacy in distributed learning
  • Large-scale machine learning systems: How do we optimize energy usage for machine learning clusters via scheduling and sprinting policies? How do you optimize the learning algorithms for efficiency and generalizability? And how do we learn from small data?
  • Secure learning: Machine learning processes are vulnerable to attacks like other software systems but add more complexity because attacks are possible in data, models, and inference. Our focus is investigating vulnerabilities across the pipeline and solutions against emerging attacks (e.g., backdoor, bit-flip, poisoning, evasion) and validating them with diverse and intricate threat models.

Security Analytics

Software is part of everything electronic around us: software runs on personal computers, refrigerators, security cameras, security gates, and smartphones. There is good software, and the “good software made to do bad things” by malicious authors, i.e., malware. Understanding malware is essential for disinfection, risk assessment, and mitigation. Malware analysis and classification automation became crucial with the ever-increasing infections reported daily. Malware classification and family identification are not new problems. However, the rapid evolution of the malware attack and defence ecosystem has enabled much fruitful research of analysis systems by capitalizing on a more exceptional understanding of the attack posture of today’s adversaries and malware authors.

In addition, our focus is investigating Distributed Denial of Service attacks in large-scale infrastructures to understand and identify the difference between benign and malicious loads. Co-location and microarchitectural attacks are examples of such problems when applications are deployed in, for instance, cloud-edge continuum scenarios.

Bringing AI to the Edge

Edge computing and artificial intelligence (AI), especially deep learning algorithms, are gradually intersecting to build novel systems, namely, edge intelligence. However, the development of edge intelligence systems encounters several challenges, and one of these challenges is the computational gap between computation-intensive deep learning algorithms and less-capable edge systems. We focus on developing and deploying methods that push DNNs to the edge, including different metrics-oriented DNN models, applications-agnostic lightweight models, learning on the edge, and the data challenge at the edge. Further, our focus is also to investigate the security issues in resource-constraint devices.

Application Areas

There are several application areas; however, the current focus is most likely on the following.

  • Softwarized networks
  • Edge computing
  • Urban infrastructures
  • Internet of Things (IoT)
  • Serverless Computing
  • 5G/6G networks

Collaborators

  • Rolf Stadler, Prof. KTH, Sweden
  • Simin Nadjm-Tehrani, Prof. Linköping University, Sweden
    Florian Pokorny, Associate Professor, KTH, Sweden
  • Maria Kihl, Prof. Lund University, Sweden
    Guansong Pang, Assistant Professor, Singapore Management University, Singapore
  • Nabendu Chaki, Prof. University of Calcutta, Kolkata, India
    Sriparna Saha, Associate Professor, Indian Institute of Technology, Patna, India
  • Tay Wee Peng, Prof. Nangyang Technological University, Singapore
  • Jugal Kalita, Prof. University of Colorado, Colorado Springs, USA)
  • Ma Maode, Associate Professor, Nangyang Technological University, Singapore
  • Anwar Aftab, AT & T Labs Research, USA
  • Youki Kadobayashi, Prof. NAIST, Japan
  • Ashish Ghosh, Prof. Indian Statistical Institute, India
  • Deep Medhi, Prof. University of Missouri, Kansas City, USA)
    Lydia Chen, Associate Professor, TU Delft, Netherland
  • Daisuke Inoue, Deputy Director, NICT, Japan
  • Yaron Wolfsthal, IBM Cybersecurity Centre of Excellence, Beer Sheva, Israel
  • Tieto AB, Sweden
  • Elastisys AB, Sweden
  • Ericsson Research, Sweden

Head of research

Monowar Bhuyan
Associate professor
E-mail
Email

Overview

Participating departments and units at Umeå University

Department of Computing Science, Faculty of Science and Technology

External funding

Wallenberg AI, Autonomous Systems and Software Program, The Kempe Foundation

External funding

Latest update: 2024-11-28