Project Overview
MEDIATE’s vision is to produce a robust technology that will address the security and privacy attributes of the computing continuum. For this, it will put forth a complex architecture that is based on the concept of zero trust and will adopt a federated learning approach in order to perform security-based scrutiny at all continuum levels, i.e. IoT, edge and cloud, using security models that can be updated, redistributed and reconfigured across it.
The actual features of the MEDIATE framework will support major topic outcomes such as cybersecurity resilience through reconfiguration, vulnerability mitigation through cyber threat analysis, secure integration at the IoT level through software and hardware-based security sensors, and trust and security for massive ecosystems through the use of federated learning-based orchestration. Moreover, it will feature AI-based tools for cyber threat intelligence that assist a decision support system and privacy policies for data and identity protection.
Project Objectives
Develop a novel dynamic cybersecurity framework for zero trust systems operating in complex computing continuum environments.
Establish a Scalable and Intelligent Cybersecurity Command System
Intelligent AI-based Decision Support System (DSS) Mechanism for Vulnerability Adaptation and Asset/Entity Clearance Scheme
Efficient AI-based Cyber Threat Intelligence for Risk Analysis
Provide dynamic control on access to data and functionalities to implement minimum privilege paradigm and continuous action verification for a zero-trust environment
Enforce security on reconfigurable hardware edge/cloud sentinel platforms
Deployment, validation and evaluation in critical infrastructures in the context of advanced fourth-party logistics (4PL) operations across supply chain environments.
Business plan definition for the post-project exploitation of the MEDIATE framework
Project Ambition
MEDIATE aims to adopt a predictive threat intelligence approach that identifies and correlates data from various sources. This first ambition aims to generalise the threat intelligence solution, which provides root cause analysis for a better understanding of the threat landscape within the interdependent components of the digital infrastructure. It develops an intelligence-driven architecture that will use Machine Learning models to identify the pattern related to a given threat and feed an event-based threat model, thus achieving rapid extraction of IoCs from the threat intelligence repository through systematic threat modelling using the event paradigm. Organisations would hence be able to leverage such actionable information to define detection use cases and rules to proactively detect and remediate incidents, or even to probe the stringency of their defences by emulating such attack scenarios.
MEDIATE’s novel Decision Support System will go beyond the current state-of-the-art in two distinct aspects. First, it will leverage the power of Large Language Models within the context of recommendation systems for cybersecurity to make better-informed decisions on the best defensive actions. Second, it will implement mechanisms to minimize incorrect decisions and handle situations with ambiguous outcomes.
MEDIATE’s Ambition of Cybersecurity Dynamic Hardware Reconfiguration will go beyond the current state-of-the-art in three distinct dimensions. First, reconfigurable parts of the sentinel FPGA devices will be constructed for mapping cybersecurity algorithms. These algorithms will reside in segregated sections of reconfigurable chips, operating independently from other mapped components to ensure independence and cybersecurity. Second, MEDIATE will support the dynamic reconfiguration of sentinel reconfigurable chips based on incoming data and the status of mapped components. This dynamic hardware reconfiguration framework within MEDIATE aims to augment complexity, hindering attackers’ comprehension of system parameters and complicating the construction of attack vectors against the proposed framework. Last, MEDIATE will leverage innovative FPGA technology processors, such as RISC-V, to elevate the security standards of the framework. These processors will play a crucial role in dynamically reconfiguring mapped security algorithms at the sentinel level, contributing to the heightened security profile of the proposed framework.
On Cybersecurity Dynamic Hardware Reconfiguration, MEDIATE’s primary focus will be on integrating cybersecurity algorithms tailored to enable real-time analysis of network traffic and pertinent threat data. Employing advanced analytics, such as ML techniques and models, on High-Performance Computing (HPC) platforms will facilitate the identification of threats, forecast the potential exploitability of vulnerabilities, and promptly mitigate associated threats in real-time. The utilization of deep analytics operations and ML processes will bolster correlation, reasoning, and rule-based mechanisms, enabling the prioritization of vulnerabilities and threats. Dedicated MEDIATE platforms, such as FPGA devices or high-end system servers, will host the cybersecurity components responsible for safeguarding the mapped platform through comprehensive cybersecurity measures.
Finally, MEDIATE will establish a Scalable and Intelligent Cybersecurity Command System. The development of the MEDIATE Orchestrator aims to seamlessly blend interoperability, context-awareness, and security into a unified system. Unlike existing solutions that handle these elements in isolation, the Orchestrator is designed to: (i) Integrate advanced interoperability, allowing for real-time, efficient data exchange across a diverse array of IoT, Edge, and Cloud nodes using a sophisticated publish/subscribe model. (ii) Enhance context awareness by employing Federated Learning (FL) and a labeled property graph format, enabling the system to understand complex relationships and attributes across the network for precise decision-making and tailored security measures. (iii) Strengthen security by adhering to zero trust principles, continuously validating every interaction within the network, and balancing automated security management with strategic human oversight for a robust, adaptable, and intelligent defense mechanism. This ambitious approach aims not only to address the individual challenges of interoperability, context awareness, and security but to synergize them into a cohesive, scalable, and dynamic cybersecurity command system.