The cyber security group conducts practical research that advances the state of the art of cyber security technology and generates practical impacts, in particular on improving the security practice of important stakeholders of the nation, technology transfer and commercialization. Collaborating with government ministries and industrial partners, the cyber security group currently carries on a suite of data-driven projects, including enterprise log analytics for intrusion detection and threat hunting, Internet threat intelligence, blockchain security and AI security and privacy. Starting from 2017, QCRI has been designated as the key organization to establish the National Cyber Security Research Lab (NCSRL), which is a consortium of multiple ministries. NCSRL is tasked to empower the National Committee on Information Security (NCIS) with innovative technology that protects Qatar’s digital borders. The cyber security group thus also undertakes efforts to help the establishment of NCSRL, especially its infrastructure/system design and deployment.
Research Projects
aiXamine
A full stack platform to evaluate LLMs and their data against a wide range of safety issues and security threats. Currently, the evaluation covers 40+ tests across 8 services, such as safety alignment, adversarial robustness, data and model privacy, fairness and bias, and code security.
Cyber-Physical System Security
This project advances cyber-physical systems (CPS) security by developing tailored forensic, detection, and response capabilities for ICS environments targeted by Advanced Persistent Threats (APTs), while also addressing vulnerabilities in critical fieldbus technologies.
Combating Financial Fraud
Online financial fraud in Qatar has surged by 400% in two years, with losses exceeding 100 million QAR. In response, ECCCD, alongside partners like QCB, Vodafone, and Ooredoo, engaged QCRI to develop AI-driven detection tools targeting SMS fraud, spam calls, and suspicious transactions.
Enhancing Vulnerability Detection with LLM-Driven Program Analysis
This research investigates the integration of large language models (LLMs) with traditional program analysis methodologies to enhance vulnerability detection in open-source software repositories.
TokenX
A platform that enables web publishers to generate revenue while keeping their content openly accessible.
Safety and Security of LLMs
This line of research advances the development of language models that proactively reduce unintended harm by minimizing hallucinations, addressing systemic biases, and aligning outputs with broadly shared societal values.
Deepfake Detection
A comprehensive project built to detect and evaluate deepfake media across a wide range of robustness, fairness, and security dimensions.
Detecting Threats from Encrypted Traffic
This research focuses on detecting stealthy threats that utilize anonymized and encrypted traffic to evade traditional security measures.
AI-Enhanced Security Operations
Today’s security operations often depend on manual, time-consuming processes that require extensive expertise. Advancements in AI offer new opportunities to enhance and accelerate these tasks, enabling security professionals to process and analyze complex data more efficiently and accurately.