Research database

Nowadays we rely on digital services to stay informed, organize our work, manage our savings, etc. Numbers in hand, 63,1% of the global population accesses the web daily, staying 7 hours online for work, social media, and any service. With this, cyber fraud and attacks are proliferating. Their cost continuously increases, up to 13,8 trillion USD by 2028. With the explosion of social networks and instant messaging, attack vectors multiply, making social engineering attacks based on counterfeit multimedia and fake news an everyday threat. Providing security in such a scenario is dramatic: attackers use multiple communication channels to game their victims with complicated plots. Companies and users underestimate the risks with a false sense of protection offered by legacy security tools. We believe Artificial Intelligence is the only means to counterfight these ever-growing threats. Testified by its success in Natural Language Processing and Computer Vision applications, AI allows us to design algorithms and systems capable of identifying new threats promptly, with great scalability, automatically adapting to modifications. In AI4CTI, we study and develop ground-breaking AI-based technologies to counter social engineering attacks: a scalable and clever data collection plan feeds a graph-based data ocean, on the top of which an AI foundation model – specifically designed to extract multimodal features from any internet content – will pave the road to highly-specialised downstream tasks ultimately designed to detect malicious content and fake news. Differently from NLP and CV, in Cyber Security, we sorely lack the abundant availability of ground truth and face purposely obfuscated content. This opens to fundamental research questions. If successful, AI4CTI technologies will allow the development of automatic threat detection systems able to offer on-device protection and open CTI feeds to be integrated into cyber-defensive ecosystems.