Project Id BITSRMIT024B001308
Project Detail
Project Title Human-AI Teaming in Cybersecurity Incident Response
Senior Supervision Team (BITS)
Supervisor name and Title Amit Dua
School or Department (or company, if applicable) BITS PILANI, PILANI CAMPUS
Email ID amit.dua@pilani.bits-pilani.ac.in
URL for more info https://www.bits-pilani.ac.in/pilani/amit-dua/
a) Are you currently supervising a BITS or RMIT HDR student? NO
Please comment how many you are supervising
b) Have you supervised an offshore candidate before? NO
If no, what support structures do you have in place?
If yes, please elaborate N
Senior Supervision Team (RMIT)
Supervisor name and Title Abebe Diro
School or Department (or company, if applicable) COBL
Email ID abebe.diro3@rmit.edu.au
URL for more info https://www.rmit.edu.au/contact/staff-contacts/academic-staff/d/diro-dr-abebe
a) Are you currently supervising a BITS or RMIT HDR student? YES
Please comment how many you are supervising 2
b) Have you supervised an offshore candidate before? NO
If no, what support structures do you have in place?
If yes, please elaborate N
Other Supervisors (BITS)
Supervisor name and Title Shahriar Kaisar
School or Department (or company, if applicable) COBL
Phone Number (Optional)
Email ID shahriar.kaisar@rmit.edu.au
URL for more info
Field of Research (For Codes)
Research Code | Research Area | Research Percent
4602 | Artificial intelligence | 30.00
460402 | Data and information privacy | 30.00
460403 | Data security and protection | 40.00
Project Description
The current landscape of cybersecurity incident response is fraught with difficulties. Traditional systems, often reliant on manual intervention, struggle to keep up with the rapid pace of cyberattacks, leading to delays that can be exploited by malicious actors. Furthermore, the sheer volume and complexity of cyber threats pose a formidable challenge for human analysts, who are increasingly overwhelmed. While AI and machine learning offer a degree of automation, their limitations in handling nuanced situations, interpreting contextual information, and explaining their decisions hinder their full integration into incident response processes. Moreover, a purely AI-driven approach raises concerns about accountability, ethical considerations, and the potential for unintended consequences.
This project seeks to address these challenges by developing a framework for effective human-AI teaming in cybersecurity incident response. It recognizes that neither humans nor AI alone can provide an optimal solution, but rather, their combined strengths can lead to a more resilient and effective response. The project aims to facilitate seamless collaboration, where AI augments human capabilities with real-time insights and predictive analytics, while humans provide strategic guidance, contextual understanding, and ethical oversight.
To achieve this vision of human-AI synergy, the project will adopt a multi-faceted approach. It will begin with a comprehensive review of existing research, identifying current best practices, challenges, and research gaps in human-AI teaming, incident response, and cybersecurity. This knowledge base will inform the development of a conceptual framework that outlines guidelines, principles, and best practices for effective collaboration, communication, and knowledge sharing between human analysts and AI systems.
The project will then focus on developing and integrating AI capabilities such as threat intelligence, anomaly detection, and automated response playbooks into the framework. These capabilities will augment human analysts' abilities by providing real-time insights and predictive analytics.
Project Deliverable/Outcomes
Short-Term Outcomes (within 1-2 years)
Framework Development & Validation: Successful creation and testing of a conceptual framework for human-AI teaming, outlining roles, responsibilities, and communication protocols.
AI Augmentation Tools: Development of initial AI tools to provide real-time insights, threat intelligence, and preliminary automation support to analysts.
Improved Situational Awareness: Human analysts experience increased efficiency in understanding and responding to incidents due to AI-provided context and recommendations.
Medium-Term Outcomes (3-5 years)
Refined Collaboration: The framework will be iteratively refined based on real-world testing, leading to smoother human-AI interactions and improved decision-making processes.
AI-Enhanced Decision Support: More sophisticated AI models capable of analyzing complex attack patterns and providing nuanced, actionable recommendations.
Measurable Efficiency Gains: Reduction in mean time to detect (MTTD) and mean time to respond (MTTR) to incidents, demonstrable through testing and case studies.
Long-Term Outcomes (5+ years)
Proactive Cyber Defense: The system anticipates and thwarts threats before they cause significant damage, thanks to AI's pattern recognition and human strategic oversight.
Adaptive & Resilient Security: The combined human-AI team becomes adept at handling novel attack types, constantly learning and evolving its defenses.
Industry-Wide Adoption: The framework and associated tools become standard practice, leading to a more robust and resilient cybersecurity posture across organizations.
Upskilled Workforce: Human analysts' skills are elevated, focusing on strategic decision-making and critical thinking, empowered by AI's capabilities.
Ethical & Accountable AI: The framework embeds ethical considerations and maintains human accountability in critical decision points, setting a standard for responsible AI use in security.
Research Impact Themes
Theme | Subtheme
ADVANCED DIGITAL TECHNOLOGIES AND BUSINESS TRANSFORMATION | DEEP LEARNING AND PREDICTIVE MODELLING
Which RMIT Sustainable Development Goal (SDG) does your project align to
INDUSTRY, INNOVATION, AND INFRASTRUCTURE
Which RMIT Enabling Impact Platform (EIP) does your project align to
INFORMATION IN SOCIETY
Which RMIT Program code will this project sit under?
DR201 (BUSINESS INFORMATION SYSTEMS)
Student Capabilities and Qualifications
Cybersecurity
AI
MSc or MTech
Preferred discipline of Student
Discipline
Computer Science and Information Systems
Computing: Computer Science, Computer System Security, Software Engineering, Cyber Security & Cyber Physical Systems
Date of Downloading : 4/25/2025 9:37:49 AM