OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
Background
As vehicles get more and more connected functionality through a variety of interfaces, the attack surface expands too. Keeping track of the threat landscape is crucial for the continuous operation of those kinds of vehicle. Knowing the threat landscape and future predictions, during the design and analysis of connected vehicles, is a must. It is even advised due to the new automotive specific regulation UN R. 155 to have processes to assess whether the implemented security controls are still effective due to new threats.
Problem
Threat intelligence is by no means a new area, on the contrary, a multitude of companies are providing solutions, and some are even freely providing their intel, containing among other things, reports on the current threat landscape as well as future predictions.
These kinds of reports are valuable sources of information for companies building up their understanding of cyber threats and keeping it up to date. For a company producing various kinds of vehicle, such as trucks, buses, construction equipment, etc., which in addition are sold on various markets, the need to be able to tailor system solutions based on the threat landscape may be relevant.
Solution
By developing a methodology for how such reports can be consolidated and further be used as one threat intelligence source, among others, it could be incorporated into the threat landscape and subsequent work, such as threat models, TARAs, etc.
One suggestion is to utilize machine learning techniques, such as supervised learning and use a classifier to train a model such that important information in the reports can be classified according to some scheme. With this as a basis, important information can be extracted.
Goal of the thesis
Propose and/or develop a methodology for categorizing and extraction of the most important terms, concepts, etc. from threat intelligence reports relevant for the automotive industry, active in various domains, contexts and markets. Propose configuration, constraints, needed pre-processing, labelling scheme, etc. needed for a supervised learning classifier in order to adequately cover the important parts of the reports. Additionally, investigate the feasibility of using one such classifier (e.g. BERT) to classify relevant information and assess the model’s effectiveness.
Desirable expertise
Automotive systems
Machine Learning
Cybersecurity basics
System development
Python
Kick-off date
ASAP or during 2023.
Additional info
The scope can be flexible and adapted to 1-2 students, depending on how many students you are and how much time you have for your thesis.
Some reference links:
https://www.enisa.europa.eu/publications/enisa-threat-landscape-2022
2022 Global Automotive Cybersecurity Report | Upstream
Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.