Research Associate - AI driven Cyber Range Operations

The SnT is seeking a Postdoc to support the research and development work within the SEDAN group (https://www.uni.lu/snt-en/research-groups/sedan ). We seek a candidate with expertise and/or interest in the following relevant fields: machine learning and cybersecurity.

While robust infrastructures now exist for running cybersecurity exercises, the creation and management of training scenarios remain highly manual, time-consuming processes. These tasks involve designing scenarios, generating associated content, executing and monitoring exercises, providing guidance, and incorporating feedback for continuous improvement.

The project will thus focusing on increasing capabilities of existing cyber-ranges  in terms of types of scenarios and experience but without exploding the operational costs. Hence, a large part of the project is dedicated to better integrate automation into multiple facets of cyber-range operation, including the federation of infrastructures to deploy complex scenarios in multiple platforms, the creation of complex scenarios themselves through federation but also thanks artificial intelligence to create or guide the creation of new contents, to ensure a more realistic and challenging execution of scenarios by integrating automated agents perturbing or helping trainees during their exercises. All together, this will enable a large diversity in exercises but will also improve the end-user experience of the trainee which is essential to ensure continuous education and learning.

In this project SnT will lead activities to define and develop AI models to be used when creating scenario contents that includes the aggregation of multiple scenarios (partial or complete) in multiple cyber-ranges assisted by AI to identify gaps (missing steps) in a full complex scenarios based on existing standards such as MITRE ATT&CK or the cyber kill-chain. As an underlying objective, the defining of common description language will be necessary to share cyber-range capacities and scenarios. Furthermore, the postdoc will also research on creating automated content based on contextualized information about a particular environment or threats a person must be trained. Hence, information about a profile of an IT infrastructure will be integrated to create a relevant scenario and exercise environment. Finally, the postdoc will also lead research on the topic of automated moderation of exercise by developing AI models capable to monitor and interpret the trainee progress and to provide assistance when needed with the objective to optimize the acquired knowledge and skills but the trainee motivation.

In addition, the candidate will be also involved in project management, reporting and dissemination. He will participate and lead tasks that require a close cooperation with other partners. The project is an outstanding project with many opportunities to team-up with colleagues and partners is thus a magnificent opportunity to develop a research agenda and a network of contacts in all Europe.

Besides, during postdoc, the candidate will have the opportunity to participate and propose other projects within the group and so also develop his/her/their own research agenda. We are working on various topics related to applied ML and cyber-security, including applications and security of LLMs.