Research Project

Intelligent detection of digital documents cyber threats

Principal Investigators
Dr Hossein Anisi
Dr Vahid Abolghasemi

This project involves using machine learning to detect malicious files/behaviours based on the analysis reports which Glasswall generates from processing digital documents.

Content disarm and reconstruction (CDR) software is designed to remediate file structures back into line with their published specification and remove risky Active Content in accordance with the handling policy and limitations set by the user. Files are regenerated in milliseconds in their original file format with the visual content completely untouched.

The project will look at how to detect malicious actors based on content of files - looking at files not as a binary 'blob' - but looking at thousands of file hashes in an object model.

The key objectives of the project include:

  • Design and deployment of machine learning-enabled threat intelligence engine
  • Development of scalability mechanism and testing the threat intelligence engine
  • Identify likely markets for early adoption of CDR technology at the commercial level and optimise the engine for targeting these customers.

Partners

This project is run in partnership with Glasswall Solutions.

Funding

This project has been funded by InnovateUK.