Combining AI and Cybersecurity Nets a Romanian Conference Trip
A classroom research project turned into a published paper and an invitation to the Knowledge-Based Organization, an international conference hosted annually by Nicolae Balcescu Land Forces Academy in Sibiu, Romania.Michal Markevych (CYF, 4th Year)
Michal Markevych fulfilled a requirement in his information technology problem-solving course by spending a semester researching how GPT-4 can be used to enhance intrusion detection systems (IDS) and to advance the cybersecurity landscape. The course culminated in submitting the research to the Knowledge Based Organization (KBO) conference hosted annually by Nicolae Balcescu Land Forces Academy in Sibiu, Romania. The submission resulted in an invitation to present his research at the conference and a published paper.
“As soon as I received the email, I felt a wave of accomplishment and gratefulness as all the dedication and hard work of a full semester of research finally paid off,” Michal says. “This being my first ever paper to be published, I was very content with the way the whole process went: the ease of the working with my professor and colleagues, the opportunity to be able to present my own research, and the hospitality received in Romania during my stay at the conference.”
Michal leveraged artificial intelligence and machine learning techniques to help intrusion detection systems adapt to new threats and changing network behavior, identify patterns of malicious activity in large volumes of data, and boost real-time detection and response capabilities.
GPT-4 was chosen as the model due to its broad knowledge of domains, accurate problem-solving skills, and ability to complete complicated instructions. GPT-4 was integrated into tcpdump, a low-profile command-line packet analyzer. GPT-4 analyzes the incoming packet data and scans it for malicious activity. Because this language model is connected to the internet, it can scrape current websites for current threats and payloads for comparison with the incoming network traffic. This gives the AI intrusion detection program the added benefit of detecting newer threats that need to be constantly patched in existing IDS.
Michal says receiving consistent peer review and feedback helped shape the research and prepared him for his first conference presentation.
“I received briefing and further information on the current developments of GPT-4 from friends and colleagues who have also been doing their own research in the AI space,” Michal says. “There was a moment during my research where I needed to decide which direction to steer my model. There were several options on which network monitor program to use and through the guidance on the pro’s and con’s by peers, I was able to choose the one that was best for my specific application.”
Michal says the conference began with all attendees staying at Nicolae Balcescu Land Forces Academy and sharing a formal breakfast. An introductory military ceremony by members of the Romanian army introduced the attendees and commenced the conference. The different divisions of research were broken up into different buildings where panels and presentations of each research project were given. A networking session where all attendees of the conference could ask more questions about each other’s research as well as receive valuable feedback from professionals with different backgrounds followed the presentations and panels.
Michal plans on pursuing his research further at Illinois Tech. He hopes to develop a working model in the last semester of his studies here with the help of all the colleagues he met along this experience.