AI-driven cyber threat intelligence and autonomous defense system for emerging network threats - ON-1204
Project type: Research
Preferred discipline(s): Engineering - computer / electrical, Engineering, Computer science, Mathematical sciences
Company: Intruxion X Inc.
Project duration: 4 to 6 months
Preferred start date: As soon as possible
Required language: English
Location(s): Markham, ON, Canada
Number of positions: 2
Desired education level: Master's, Doctorate, Postdoctoral research
Open to applications from people registered at an institution outside Canada: No
About the company:
Intruxion X stands as a paragon of innovation in the realm of enterprise security and threat intelligence, proudly headquartered in Markham, Canada. Our premier offerings, QICX and ABACUS, are among the world's inaugural integrated products.
Please describe the project:
The increasing velocity and sophistication of cyber threats present major challenges for securing distributed digital infrastructure. Modern attacks rapidly leverage zero-day vulnerabilities, sophisticated automation, and coordinated botnets, systematically outpacing the capabilities of conventional, signature-based security defenses. Furthermore, the critical data required for effective defense—vulnerability disclosures, malware reports, and incident records—remains fragmented across disparate platforms, severely inhibiting the generation of timely, actionable threat intelligence.
This project proposes to engineer a novel, AI-first cyber threat intelligence and autonomous defense framework. The core scientific contribution involves applying advanced machine learning and Natural Language Processing (NLP) to aggregate and fuse large-scale, heterogeneous cybersecurity data sources. These models will be rigorously designed to identify subtle, non-obvious correlations, specifically focusing on modeling the evolution of adversary Techniques, Tactics, and Procedures (TTPs) rather than just static Indicators of Compromise.
Crucially, the research will establish a continuous learning infrastructure where threat data captured in real-time from proprietary edge sensors (Project #1) is used to refine and evolve the central predictive intelligence models. This approach will enable security systems to dynamically and proactively adjust defense posture based on risk scoring and real-time threat ingestion. We will specifically investigate the power of graph-based knowledge models to construct a proprietary, continuously evolving threat intelligence repository, ensuring in-house mastery of threat analysis and predictive defense.
The final outcome will be a research-validated system that provides a transformative approach to predicting and autonomously mitigating emerging threats across enterprise networks, IoT environments, and critical infrastructure systems.
Required expertise or skills:
The project requires post-grad level researchers with foundational expertise in three critical areas: Cybersecurity, Artificial Intelligence (AI), and Distributed/Networked IoT Systems. Candidates must demonstrate strong capabilities in both cutting-edge academic research and the practical implementation of robust prototype systems.
Key Technical Skills (Must-Have)
Researchers must possess proven proficiency in:
● Machine Learning / AI for anomaly detection, predictive modeling, and data analytics.
● Data Engineering for handling and processing large-scale, heterogeneous datasets.
● Cybersecurity Analysis including threat detection techniques, network security, and vulnerability analysis.
● Network Expertise covering network protocols, traffic analysis, and deep packet inspection.
● Programming: Strong proficiency in Python, and familiarity with either C++, Java, or Rust for systems development.
● Natural Language Processing (NLP) for extracting actionable intelligence from technical reports and unstructured threat data.
● System Environments: Experience with Linux systems, IoT architectures, and the constraints of edge computing environments.
Valuable Assets (Good-to-Have)
Experience with the following specific technologies and concepts would be highly beneficial:
● Knowledge Graphs & Data Modeling: Practical experience with graph databases and threat intelligence platforms.
● AI/ML Frameworks: Familiarity with TensorFlow or PyTorch and MLOps principles.
● Edge Hardware: Experience working with embedded systems and resource-constrained edge devices (e.g., Raspberry Pi, NVIDIA Jetson).
● Security Tools: Knowledge of network monitoring tools (Wireshark, Zeek, Suricata) and Security Information and Event Management (SIEM) systems.
● Threat Data: Familiarity with cybersecurity frameworks and vulnerability databases (e.g., CVE, NVD).
Researchers must be capable of collaborating closely with industry partners to translate academic research into validated, real-world applications.

