IBM Cyber Security Center of Excellence (CCoE)

Beer Sheva

in Collaboration with Ben-Gurion University of the Negev

Product Innovation

Detection of Financial Fraud

In this project, CCoE researchers in collaboration with IBM's Trusteer unit have developed a solution to prevent phishing attacks, which are a common root cause of financial fraud. With this capability, which was announced in 1Q2017, IBM Trusteer products can reliably detect and prevent the full range of attack vectors responsible for the majority of online, mobile and cross-channel fraud.

Transforming Phishing Protection with IBM Trusteer
IBM Security Trusteer Phishing Detection

 

Behavioral Biometrics

In this project, CCoE researchers in collaboration with IBM's Trusteer unit have designed and implemented a machine-learning-based technology that uses a behavioral biometric algorithm to continuously verify a user's identity. The technology was integrated into Trusteer's PinPoint Detect product on October 27, 2016.

 

User Behavior Analytics

In this project, CCoE researchers in collaboration with developers from IBM Security have designed and developed an extension of the IBM QRadar security intelligence platform that analyzes the usage patterns of insiders to determine whether their credentials or systems have been compromised. This work was productized and announced by IBM's Security Division on July 28, 2016.


Publications

 

Attack Generation and Simulation

In this project, CCoE researchers have created a tool called Attack Simulator/Generator (AS/G) that injects simulated security events into a SIEM* system. Two key applications of AS/G are (a) testing the adequacy of SIEM installations and (b) testing and improving the readiness of SOC operators. AS/G has been developed as an application on top of the QRadar App Framework.

*SIEM (Security Information and Event Management) is a core component of security operations centers, where security-related data is collected, correlated, monitored and ultimately used to identify security risks.

 

Cognitive Data Insight

Cognitive Data Insight Demo

In this project, CCoE researchers in collaboration with IBM's Guardium unit have developed an innovative approach for visualizing database transactions in a single 3D view, empowering security teams to detect and flag suspicious actions on data before they turn into a breach. The capability was integrated into Guardium V10.1.2 and released on December 5, 2016.

 

Securing Connected Cars

In this project, CCoE researchers and IBM product developers collaborate with specialists from the automotive industry to build an industry-first solution for protecting connected cars, addressing the unique threats of this emerging market. Based on novel artificial intelligence methods and high-performance algorithms to cross-correlate data from a variety of sources inside and outside of the car, the IBM solution provides a complete security analytics foundation for the automotive industry.

IBM collaborates with Harman to protect connected cars

 

Preventing Malware Attacks

In this project, IBM's CCoE is leading an international R&D team that develops a next-generation malware detection solution, based on novel AI-based techniques and sandboxing algorithms. The solution has been purposely designed to enable in-depth file inspection and high throughput so as to support demanding use cases. A first version of the solution has been integrated as a web service on top of the X-Force Exchange platform and is currently available in beta form for selected partners.