International Scientific Report on the Safety of Advanced AI

Bengio, Yoshua; Privitera, Daniel; Besiroglu, Tamay; Bommasani, Rishi; Casper, Stephen; Choi, Yejin; Goldfarb, Danielle; Heidari, Hoda; Khalatbari, Leila; Longpre, Shayne; Mavroudis, Vasilios; Mazeika, Mantas; Ng, Kwan Yee; Okolo, Chinasa T.; Raji, Deborah; Skeadas, Theodora; Tram\`{e}r, Florian; Fox, Bronwyn; Ponce de Leon Ferreira de Carvalho,; Nemer, Mona; Pezoa Rivera, Raquel; Zeng, Yi; Heikkila, Juha; Avrin, Guillaume; Kruger, Antonio; Ravindran, Balaraman; Riza, Hammam; Seoighe, Ciar\'{a}n; Katzir, Ziv; Monti, Andrea; Kitano, Hiroaki; Kerema, Mary; L\'{o}pez Portillo, Jos\'{e} Ram\'{o}n; Sheikh, Haroon; Jolly, Gill; Ajala, Olubunmi; Ligot, Dominic; Lee, Kyoung Mu; Hatip, Ahmet Halit; Rugege, Crystal; Albalawi, Fahad; Wong, Denise; Oliver, Nuria; Busch, Christian; Molchanovskyi, Oleksii; Alserkal, Marwan; Khan, Saif M.; McLean, Angela; Gill, Am; Mindermann, Soren; Adekanmbi, Bayo; Christiano, Paul; Dalrymple, David; Dietterich, Thomas G.; Felten, Edward; Fung, Pascale; Gourinchas, Pierre-Olivier; Jennings, Nick; Liang, Percy; Ludermir, Teresa; Marda, Vidushi; Margetts, Helen; McDermid, John A.; Narayanan, Arvind; Nelson, Alondra; Oh, Alice; Ramchurn, Gopal; Russell, Stuart; Schaake, Marietje; Song, Dawn; Soto, Alvaro; Tiedrich, Lee; Varoquaux, Gael; Zhang, Ya-Qin; Prudhomme, Benjamin

doi:10.1038/497439a

Explaining the science

The AI for Cyber Defence (AICD) Research Centre leads cutting-edge research in autonomous cyber defence (ACD), employing innovative techniques such as Deep Reinforcement Learning (DRL) and Large Language Models (LLMs). While DRL enables agents to strategize and adapt in complex, dynamic environments, LLMs excel in understanding and analyzing vast datasets to identify vulnerabilities, automate threat detection, and develop advanced countermeasures.

AICD has transformed conventional approaches to cyber security by developing and validating autonomous systems capable of securing networks in real-world conditions, including degraded and denied environments. Our work bridges gaps in existing methodologies by integrating advanced machine learning techniques with robust testing and evaluation frameworks. These efforts ensure our autonomous agents are resilient, explainable, and operationally effective, driving significant advancements in national cyber defence.

AICD has de-risked key approaches and transitioned some directly toward operational readiness. We have also ruled out less viable directions, focusing resources on impactful, scalable solutions that keep the UK at the forefront of AI-driven cyber defence.

Centre aims

The AI for Cyber Defence (AICD) Research Centre, led by principal investigators Vasilios Mavroudis and Chris Hicks, seeks to fundamentally transform digital security through advanced AI techniques. Key research areas include:

Autonomous Cyber Operations and Network Defence: Developing intelligent agents capable of managing and defending networks autonomously.
AI for Systems Security: Investigating how attackers and defenders can leverage AI in adversarial scenarios to enhance resilience.
Adaptive Fuzzing and Vulnerability Detection: Creating intelligent agents that discover and mitigate vulnerabilities in software and hardware.
Cryptographic Security: Assessing AI’s potential to aid in cryptanalysis and improve protocol security.

While we leverage DRL, LLMs, and other advanced methodologies, we remain focused on solving practical security challenges. This includes creating explainable systems, ensuring adaptability to novel threats, and preserving privacy, all critical to real-world applications.

By combining research excellence with operational focus, AICD delivers cutting-edge solutions that advance autonomous cyber defence capabilities for national security.

Mailing List

We maintain a mailing list bringing together a community of people with an interest in AI and its applications to cyber defence.

Mailing List Sign up

Internships

Our team welcomes applications from PhD and undergraduate students. We accept applications through the Turing Internship Network (TIN). Please consult the TIN page for dates and prerequisites.

TIN: Internship Applications

Selected publications

Humanity's Last Exam
Dan Hendrycks et al. (represented by Vasilios Mavroudis), 2025

Inherently Interpretable and Uncertainty-Aware Models for Online Learning in Cyber-Security Problems
Benjamin Kolicic, Alberto Caron, Chris Hicks, Vasilios Mavroudis, ARTMAN Annual Computer Security Applications Conference (ACSAC) 2024

Benchmarking OpenAI o1 in Cyber Security
Dan Ristea, Vasilios Mavroudis, Chris Hicks, 2024

SoK: On Closing the Applicability Gap in Automated Vulnerability Detection
Ezzeldin Shereen, Dan Ristea, Sanyam Vyas, Shae McFadden, Madeleine Dwyer, Chris Hicks, Vasilios Mavroudis, 2024

CybORG++: An Enhanced Gym for the Development of Autonomous Cyber Agents [Repository]
Harry Emerson, Liz Bates, Chris Hicks, Vasilios Mavroudis, 2024

A View on Out-of-Distribution Identification from a Statistical Testing Theory Perspective [pdf]
Alberto Caron, Chris Hicks, Vasilios Mavroudis, 2024

Online Convex Optimisation: The Optimal Switching Regret for all Segmentations Simultaneously [pdf]
Stephen Pasteris, Chris Hicks, Vasilios Mavroudis, Mark Herbster, Conference on Neural Information Processing Systems (NeurIPS), 2024 [Spotlight]

Entity-based Reinforcement Learning for Autonomous Cyber Defence
Isaac Symes Thompson, Alberto Caron, Chris Hicks, Vasilis Mavroudis, Workshop on Autonomous Cybersecurity (AutonomousCyber), 2024

Environment Complexity and Nash Equilibria in a Sequential Social Dilemma
Mustafa Yasir, Andrew Howes, Vasilios Mavroudis, Chris Hicks, 17th European Workshop on Reinforcement Learning (EWRL), 2024

Autonomous cyber defence: Beyond games?
Chris Hicks, Vasilios Mavroudis, 2024

International Scientific Report on the Safety of Advanced AI
Bengio, Yoshua; Privitera, Daniel; Besiroglu, Tamay; Bommasani, Rishi; Casper, Stephen; Choi, Yejin; Goldfarb, Danielle; Heidari, Hoda; Khalatbari, Leila; Longpre, Shayne et al., Department for Science, Innovation and Technology, 2024

Mitigating Deep Reinforcement Learning Backdoors in the Neural Activation Space
Vyas S., Hicks C., Mavroudis V., Deep Learning Security and Privacy Workshop (DLSP), 2024

Wendigo: Deep Reinforcement Learning for Denial-of-Service Query Discovery in GraphQL
McFadden S., Maugeri M., Hicks C., Mavroudis V., Pierazzi F., Deep Learning Security and Privacy Workshop (DLSP), 2024

The Role of the Space Domain in the Russia-Ukraine War The impact of converging space and AI technologies Expert Analysis Theodora Ogden, Anna Knack, Mélusine Lebret, James Black, Vasilios Mavroudis, Expert Analysis CETaS, 2024

Nearest Neighbour with Bandit Feedback
Pasteris S., Hicks C., Mavroudis V., Annual Conference on Neural Information Processing Systems (NeurIPS), 2023

Adaptive Webpage Fingerprinting from TLS Traces
Mavroudis V., Hayes J., 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2023

Reward Shaping for Happier Autonomous Cyber Security Agents
Bates E., Mavroudis V., Hicks C., 16th ACM Workshop on Artificial Intelligence and Security (AISec), 2023

Canaries and Whistles: Resilient Drone Communication Networks with (or without) Deep Reinforcement Learning
Hicks C., Mavroudis V., Foley M., Davies T., Highnam K., Watson T., 16th ACM Workshop on Artificial Intelligence and Security (AISec), 2023

Inroads into Autonomous Network Defence using Explained Reinforcement Learning, Conference on Applied Machine Learning for Information Security, Foley, M., Wang, M., Zoe M., Hicks C., and Mavroudis, V., 2022, October.

Autonomous Network Defence using Reinforcement Learning. In Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security, Foley, M., Hicks, C., Highnam, K. and Mavroudis, V., 2022, May.