Leidos Releases Open-Source AI Tool to Expose and Combat Mutative Cyber Threats

Every time you shop online, send an email, or use social media, you’re relying on cybersecurity controls to keep your information safe. But hackers are always finding new ways to break into systems, steal data, and cause harm. Stopping them is a big challenge because their attacks are designed to evade defenses and are constantly mutating.   

To fight back, we need smarter tools – and that’s where fusing AI-ML research with patented pen testing is a game changer. Released in support  of updates to Executive Orders 13694 and 14144, the Leidos Cyber Accelerator’s Firewall Attack Detections and Extractions (FADE) dataset uses firewall rules to automatically generate mutations of network attacks at the scale and speed of AI, exposing attacker obfuscation techniques. FADE injects 10 million attacks across eight common categories into 50 million network traffic stream requests. The result is the ability to see what was malicious and where it hides inside a request. 

FADE includes eight types of common cyberattacks like SQL injection (used to steal data) and cross-site scripting (used to trick websites). It also provides detailed information about where the attacks hide in the data, helping researchers understand how hackers operate.    

AI systems are only as good as the data they learn from. If the data is too simple or unrealistic, AI will not be able to handle real-world challenges. FADE solves this problem by providing realistic examples of attacks, created by cybersecurity experts and researchers at Leidos.  

Leidos is sharing FADE for free on IEEE DataPort, a website where researchers can download datasets. By making FADE open to everyone, Leidos is helping the entire cybersecurity community work together to build better defenses.