The Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast is entering into a new partnership with ieDigital, in a world-first cybersecurity endeavor.
The collaboration is part of the Knowledge Transfer Partnership program, which embeds the latest academic research within leading businesses. A graduate will be recruited to work with ieDigital as part of the development of the company’s security banking software proposition, Interact AppSensorFS.
The partnership will further boost ieDigital’s capability in developing secure and innovative digital financial solutions by benefitting from CSIT’s research into cybersecurity and artificial intelligence. CSIT will gain new, real-world experience in the financial technology sector. The wider academic community investigating cybersecurity will benefit from the resulting research into ever-changing attack trends on the banking sector.
The partnership is being developed against the backdrop of the financial industry facing an unprecedented volume of security incidents, despite high levels of spending on security measures. According to a PWC report, security breaches were at an all-time high in 2015, rising to 90% (from 81% in 2014).
Despite the high threat level, no European retail bank has attack-aware security that automatically detects and responds to intrusions inside perimeter defences. While most bank branches have sensors inside the building as well as on the door, that’s not the standard for financial services technology.
CSIT and ieDigital’s collaboration aims to put an end to this through its Interact AppSensorFS proposition, which uses a state-of-the-art detection approach using machine learning and prior knowledge.
Being attack-aware
Machine learning, a form of artificial intelligence, will be used to model user behavior, teaching Interact AppSensorFS to recognize when a hacker is entering, or is actually inside, a bank’s system, alerting security officers and providing solutions to negate the threat. Interact AppSensorFS connects remote sensing detectors together into a common security console, helping to monitor the overall security risk, and will activate alarms if defensive action is required.
Clayton Locke, chief technology officer, ieDigital, says the development of Interact AppSensorFS is an important step towards solving what is becoming one of the biggest problems for the financial services sector today.
“By not being attack-aware, traditional security measures are like putting a lock on the door after the burglar is already inside the building,” he says. “Now for the first time, banks can deploy security that responds from inside applications that are self-defending.
“We believe 2016 is the time for the financial services industry to evolve and start using technology that can anticipate and differentiate between typical user and criminal behavior, and have the capability to cope in real-time. Our partnership with CSIT to develop Interact AppSensorFS will be key to this evolution.”
Lorraine Marks, Queen’s University’s KTP manager, says: “Our Knowledge Transfer Partnership with ieDigital aims to share expertize between our two organizations, providing a graduate with the opportunity to deliver a highly challenging, but strategically important project at an early stage in their career. The recruitment process for the position of KTP associate is now under way, and we welcome applications from any suitably qualified graduate.”
The Queen’s academics supporting the partnership will be Dr Phillip O’Kane, a machine learning specialist, and Professor Sekir Sezer, who specializes in the acceleration of network processing and cybersecurity-related functions. Dr O’Kane says, “This partnership is a cybersecurity world first, and it’s exciting that we’re able to play a part in it. The learning and experience from this project will also feed back into the regular review of our new Masters in cybersecurity’s course content, and provide further real-world examples of technology application.”
This proposition is what Gartner refers to as a Runtime Application Self-Protection (RASP) solution, designed to protect ieDigital’s Interact digital banking solutions from cybersecurity attacks. The initiative was originally based on ideas put forward by the Open Web Application Security Project (OWASP), a global not-for-profit charity focused on improving software security.
