“GAISO project is an important step not only in the field of cyber security, but also in the academic context of scientific research, when the systems that allow easier identification of cyber threats and more effective management of them are being developed. It is exciting that the researchers of the Institute of Social Sciences and Applied Informatics can contribute to solving important contemporary problems in scientific practice with their knowledge and research,” says Assist. Dr Indrė Ščiukauskė, the director of the Institute of Social Sciences and Applied Informatics, Vilnius University (VU) Kaunas Faculty. The research project “Research on Cyber Resilience Through Application of Generative Artificial Intelligence in Chief Information Security Officer Operations – GAISO” is financed by the Research Council of Lithuania.
The project financed under the designated programme "Information technologies for the development of science and knowledge society" will contribute to the activities of this programme in order to achieve the use of artificial intelligence research with high applied potential for new scientific and technological results and new research directions, as well as newly emerging and rapidly developing scientific areas important for the research development in cyber security.
This project will be implemented by the scientific group of VU Kaunas Faculty, which consists of researchers and students of informatics, informatics engineering and other fields of study. The latest information technologies will be used for interdisciplinary applied research which is expected to have a direct impact on advances in emerging areas of information technology. 6 researchers from the Institute of Social Sciences and Applied Informatics (Assoc. Prof. Rasa Brūzgienė, Assoc. Prof. Kęstutis Driaunys, Assoc. Prof. Ilona Veitaitė, Assoc. Prof. Paulius Astromskis and dr. Renata Danielienė) as well as 2 researchers from the Institute of Languages, Literature and Translation Studies (Assoc. Prof. Živilė Nemickienė and Assoc. Prof. Dovilė Vengalienė) are already participating in the project. Soon, at least two undergraduate and at least two graduate students of computer science and other fields of study will be involved in the applied research.
“The digitization of services, the introduction of new technologies and the inclusion of members of society in the digital space are happening faster than the assessment of cyber threats and the selection of suitable means and methods for their reduction. This gap makes it easier to exploit existing vulnerabilities for cybercrimes, and rapidly advancing technologies such as artificial intelligence (AI) or generative artificial intelligence (GenAI) become a powerful tool in the hands of criminals,” explains Assoc. Prof. Rasa Brūzgienė, the senior researcher in the project.
According to the National Cyber Security Center's National Cyber Security Status Report for the Year 2023, the potential use of artificial intelligence technologies for cyber-attacks and the threats posed by local and global criminal structures, ranging from social engineering to serious threats to both national security and information and communication technology (ICT) infrastructures, are of great concern to the global security community. AI-powered malware can use reinforcement learning methods to improve and execute attacks more successfully. This means that generative AI systems are already conducting cyber attacks and creating malicious content.
“The GAISO project is aimed at the essential need to increase the cyber resistance of critical infrastructure to modern cyber threats. The main objective of this project is to improve the cyber resilience of critical infrastructure through the strategic application of generative artificial intelligence (GenAI) in the role of Chief Information Security Officer (CISO) to increase the effectiveness and intelligence of security professionals,” says Donatas Misiūnas, the Project Specialist at VU Kaunas Faculty.
According to the project description, this innovative solution aims to use the latest advances in GenAI and natural language processing (NLP) to automate routine tasks, cyber risk management and legal compliance, threat detection and response, vulnerability management, security testing and cyber security awareness. This way, the overall effectiveness of cyber security measures is improved. The project is particularly relevant in the context of national and global cyber security strategies, responding to the urgent need for adaptive and resilient critical infrastructure security systems that are capable of combating advanced cyber threats.
The GAISO project is directly related to the first task of goal 2 of the Lithuanian cyber security strategy: to develop the state's capacities and abilities to fight criminal acts in cyber space by creating an adaptive security system based on GenAI's abilities to understand and respond to threats. The system would be used as a proactive CISO tool to fight cybercrimes.
“During this project, new cyber security promotion standards and output validation protocols will be created in order to integrate GenAI into security practices, setting the benchmark for future cyber security solutions and promoting their widespread adoption across industries,” says Assoc. Prof. Rasa Brūzgienė.
It is planned to create a security model based on GenAI, an advanced NLP framework and new organizational and technical standards for cyber security. It is expected that in the short term these innovations will strengthen the activities of CISO, and in the long term they will encourage the creation of more adaptive GenAI-based cyber security systems. Those systems are expected to learn from mutual interactions and evolve in the long run, thus increasing cyber resilience and promoting safe critical infrastructure for the Lithuanian and EU society. The results of the GAISO project can help in creating new services and standards that will change the approach to cyber security, provide more opportunities to adapt and be more resistant to cyber threats.
The team has no doubt that the results of this research will not only contribute to the specific objectives of the programme, but will also stimulate the development of new innovative ideas that go beyond the immediate scope of the project. This will contribute significantly to the overall objective of the programme: to use generative artificial intelligence to improve security in both the public and private sectors. To highlight the practical application of GenAI to support the cyber integrity and resilience of critical infrastructures, it is also planned to prepare scientific articles for international journals, to present the results of the research at scientific conferences, and to produce a monograph.
Funding provided by the Research Council of Lithuania (LMTLT), contract No. Nr. S-ITP-24-13. The research project started on 01.10.2024 and will run for 24 months, until 30.09.2026. The project budget is 259222,72 Eur. The project is implemented by the Institute of Social Sciences and Applied Informatics, Kaunas Faculty.