Cognitive Cybersecurity Intelligence (CCSI) Group       

links

Jiyong Jang photo photo Douglas L Schales photo photoFREDERICO ARAUJO photo Teryl Taylor photo

Cognitive Cybersecurity Intelligence (CCSI) Group - overview


The Cognitive Cybersecurity Intelligence (CCSI) group (formerly Global Security Analysis Lab or GSAL) investigates methodologies and technologies to help organizations detect, understand, and deflect advanced cybersecurity threats and attacks on their network and in the cloud. It explores challenging research problems posed by building and combining AI and cognitive methods (e.g., contextual and behavioral analysis, machine learning, reasoning), scalable big data security analytics (e.g., graph mining, deep correlation and provenance analysis), and next-generation defense mechanisms (e.g., transparent malware analysis, active defense and cyber deception layers) to gain deep intelligence and insights about cyber security threats and attacks as well as threat actors. 

 

Current focus areas and projects

  • AI-powered and cognitive security offense analytics, cyber threat hunting, and threat intelligence consolidation
  • Cross-stack cyber deception and active defense techniques
  • Cyber security analytics, event correlation, and provenance tracking on the network and device-level
  • Next-generation malware analysis
  • Design of high-speed and scalable data collection platforms for real-time and historical security analytics
  • Security data visualization and penetration testing

 

Recent highlights

 

Recent impact on IBM products and offerings

The CCSI had direct impact with core contributions to several new security products and solutions IBM launched in the last few years:




Contact

Jiyong Jang


DeepLocker: How AI Can Power a Stealthy New Breed of Malware


Exploring the Security Knowledge Graph


Security Knowledge Graph


Identify and Understand threats with Watson for Cyber Security