Projects

WAFMind: Enhancing Web Application Firewall Detection Capabilities Through Machine Learning

Overview: The WAFMind project is an innovative initiative aimed at leveraging machine learning technologies to enhance the detection capabilities of Web Application Firewalls (WAFs). As cyber threats become increasingly sophisticated, traditional rule-based WAFs often struggle to keep up with evolving attack patterns. WAFMind addresses this challenge by integrating machine learning algorithms to improve the adaptability and accuracy of detection mechanisms within WAF systems.

Objectives:

1. Improved Detection Accuracy: The primary goal of WAFMind is to reduce false positives and negatives in threat detection by enabling WAFs to learn from historical attack data. Machine learning algorithms can analyze vast amounts of data to identify subtle patterns associated with specific types of web attacks that might go unnoticed by conventional systems.

   Continue reading

Tectonic: An Academic Cyber Range

Overview: Tectonic is a cyber range designed by GSI to provide realistic cybersecurity scenarios for education and training through the deployment of networks, systems and applications that can be used to train users on cybersecurity topics. Key functionalities include customizable network configurations, real-time monitoring and automated attack simulations.

It incorporates existing tools from the infrastructure as code (IaC) approach, which allows for the specification of all the components of a cybersecurity scenario in a declarative manner. This specification is made in a high-level language that can be interpreted and allows for the automatic generation of scenarios on the laboratory underlying platform. Declarative descriptions of the scenarios make them easily versioned, maintained, and shared, facilitating collaboration with other institutions and laboratories of this type.

Continue reading

Herramientas conceptuales y tecnológicas para ciberseguridad adaptativa y certificada

This is a research program submitted to the call for CSIC R&D Groups 2022 edition. This research program was selected and awarded funding for the period 2023-2027.

General objective of the program The main objective of this research program can be divided into three complementary lines of research:

• The conception and development of automated mechanisms for the identification, analysis and prevention of cyber attacks on web applications and computer systems based on machine and deep learning techniques, model-guided security and process mining.
• Development of methodologies and tools that allow the creation of a Cyber ​​Range that is an advanced platform for training, experimentation and research around the multiple aspects of cybersecurity.
• Develop, adapt and specialize methods, techniques and tools for the verification of smart contracts, protocols and computing platforms based on cryptocurrencies. Develop and analyze a system, using blockchain, that provides services to manage, store and validate digital academic certificates, which respects national regulations on the handling of personal data. To train human resources that master the technologies associated with blockchain and cryptocurrencies.

Specific Objectives This research program has the following specific objectives:

Continue reading