SCRED: a French cyber threat intelligence platform

Strength lies in numbers. To prevent cyberattacks of all kinds, a consortium of 11 French actors plans to create a unique intelligence platform, to help users identify potential threats more effectively. The project is led by Thales and was created in response to a call from Bpifrance, as part of the national cyber strategy in the France 2030 investment plan.
Recent events at Grenoble INP – UGA have shown that the cyber threat is well and truly real... According to a study by ANSSI (National Cybersecurity Agency of France) published in March, the number of intrusions detected in computer systems increased by 37% between 2020 and 2021.

To fight this phenomenon, the SCRED collaborative project (Joint Base for Cyber Intelligence and Detection), part of the France 2030 investment plan, has a proposal to create a unique platform over the next three years. It will be aimed at businesses and public administrations, granting them access to information around known threats to prevent attacks. The proposal is led by Thales and brings together 11 French cybersecurity experts. It will receive €7 million in funding over three years. “The idea is to list various known threats – worms, viruses, phishing attacks, etc. – on a single platform,” says Andrzej Duda, professor at Grenoble INP – Ensimag and researcher at LIG*, who prepared the application on behalf of Grenoble INP - UGA and the LIG laboratory, in collaboration with the KOR Labs Cybersecurity start-up, which was created out of the laboratory. “Users will be able to upload a file or URL and check if the contents of an email are legitimate, or an attachment dangerous.” In time, the platform will offer free access to certain data, as well as a paid interface for companies that need more specific information.
This data collection and analysis centre will act as a one-stop-shop, where information can be shared within a sector (finance, automotive, aeronautic, health, industry, defence) or a single community. This will respond to growing needs from actors that, up until this point, have had few tools of this kind. “While there is already a global database, VirusTotal, the platform developed by the SCRED project will provide access to more specific and targeted information for French companies and users.”

Federated learning to protect data confidentiality
As a member of the consortium, the Grenoble INP laboratory will work on training artificial intelligence algorithms using federated learning methods.  “When the data being manipulated is confidential and cannot be shared, as is the case for data from law enforcement agencies for example, we cannot use it to train AI models at headquarters. So we use federated learning, which means we can train models locally, without needing to share data and risking leaks. This allows us to produce local models that we combine together to create an overall model.”
The €750,000 grant awarded to LIG and KOR Labs as part of the SCRED project will be used, in part, to fund five theses and a number of post-doctoral fellowships in cybersecurity.

*CNRS, Grenoble INP - UGA, Inria, UGA