Cyber threats have grown exponentially as the modern web and powerful AI systems have proliferated. We’re designing systems to secure the hybrid cloud and AI for sensitive datasets to ensure organizations can continue to operate safely and securely.
At Security Research, we are working to protect systems in the always-on, mission-critical world of the cloud today. We focus on threat management and security for hybrid cloud data and AI, and are establishing technologies to detect threats and resolve them across the cloud landscape. We analyze security of deployed systems at scale to identify 0-day vulnerabilities proactively.
We’re researching novel ways to secure the cloud and AI using the latest cryptographic innovations including fully homomorphic encryption services leading to AI for encrypted data, allowing organizations to wield the power of AI on sensitive data. Our research takes a full-stack approach ranging from hardware-based security mechanisms to security of cloud-native applications. We’re working on securing the systems of tomorrow, too, with scalable decentralized identity and data architectures, software supply-chain security and quantum-safe cryptography.
- Cloud Security: Infrastructure and ApplicationsAdvancing the system integrity of cloud systems in mission-critical situations.
- CryptographyBuilding the next generation of private, authenticated, and confidential communication cyrtopgraphy tools.
- Data and AI SecurityDesigning systems to monitor and protect sensitive data for robust and secure AI systems on the hybrid cloud.
- Security Analysis at ScaleBuilding trusted systems that can proactively help organizations defend against advanced cyber attacks.
- Threat ManagementBuilding the next wave of tools to help security teams detect and deflect against advanced cybersecurity threats.
- Trusted Decentralized SystemsLeveraging decentralization to enable cross-enterprise identity, business asset exchange and optimized supply chains.
Tools + code
AI Privacy 360
Tools to support the assessment of privacy risks of AI-based solutions, and to help them adhere to any relevant privacy requirements. Tradeoffs between privacy, accuracy, and performance can be explored at different stages in the machine learning lifecycle.View project →
Kestrel Threat Hunting Language
Kestrel threat hunting language provides an abstraction for threat hunters to focus on the high-value and composable threat hypothesis development instead of specific realization of hypothesis testing with heterogeneous data sources, threat intelligence, and public or proprietary analytics.View project →
SysFlow is a system telemetry framework that enables the creation of security analytics on a scalable, common open-source platform. The backbone of the telemetry pipeline is a compact open data format that lifts the representation of system activities into a flow-centric, object-relational model that reduces event fatigue and is particularly suitable for cloud-wide monitoring, stream analytics, and forensic investigation.View project →
Hyperledger Fabric Smart Client
A Fabric client-side component that simplifies the development of Fabric-based distributed application, enabling developers to focus on the business processes and not the blockchain technicalities.View project →
Libtpms-based Trusted Platform Module (TPM) emulator with socket, character device, and Linux CUSE interface.View project →
Open Quantum Safe
An open-source project to support the development and prototyping of quantum-resistant cryptography.View project →
HELayers – Community Edition
SDKs for computing on encrypted data without decrypting it, provided via Docker container. Equipped with C++ and Python API’s and includes Jupyter Notebooks and VS Code IDEs with demonstrations, tutorials and documentation for AI/ML and encrypted search applications. Support for Linux, Intel, MacOS and s390x platforms.View project →
- CSCML 2022
- Eurocrypt 2022
- FHE.org 2022
- S&P 2022
- ACL 2022
- SAC 2022
- Deep Dive
- See more of our work on Security
Innovations from our Security Research teams are regularly developed into cutting-edge new capabilities for IBM’s Security offerings.