Interview with Team MORPH, Second-Prize Winners of the COcyber AI Cybersecurity Deephack

From April 24 to 26, 2025, COcyber AI Cybersecurity Deephack brought together a diverse group of participants - from PhD students and young professionals to startup founders and cyber enthusiasts - for an intense 48-hour challenge focused on one critical question: can artificial intelligence stop the next big phishing attack?

With dual-use applicability at the core of the challenge, teams had to consider the needs of both civilian and defence sectors, addressing issues like multilingual threats, adversarial techniques, and infrastructure limitations.

From natural language processing to anomaly detection and threat intelligence, participants had to think fast, collaborate efficiently, and push the boundaries of what’s currently possible in AI-driven cybersecurity. Working under pressure through checkpoints, mentoring sessions, and live pitching, they built prototypes that could function across languages, contexts, and threat levels. But behind the tech, the real engine of the Deephack was collaboration 

We sat down with the winning teams to hear how they approached this complex task and where they plan to go next. In this article, we introduce you to Team MORPH, the second-prize winner of the COcyber AI Cybersecurity Deephack.

Can you introduce your team?Who are you, what are your backgrounds, and what brought you together to take part in this Deephack?

Team MORPH consists of four PhD researchers with complementary expertise in artificial intelligence and cybersecurity. Daniele specializes in cybersecurity and adversarial machine learning. Jeremie brings expertise in text analysis and large language models. Khaled offers anomaly detection expertise that supports the detection of stealthy threats. Finally, Gian Marco is handling business development with strength in forecasting and business strategy. Our shared passion for creating solutions that work across both civilian and military contexts motivated us to tackle this challenge.

Phishing attacks are evolving and growing more sophisticated. What approach did you use to build an AI-driven system that can detect and prevent phishing in real-time?. How did you design an AI-driven solution, what technologies or methods did you use (e.g. NLP, anomaly detection, threat intelligence)?

MORPH leverages federated learning to enable collaborative defense while keeping sensitive data private, addressing the impossible tradeoff many organizations face between privacy and security. Our system incorporates adversarial robustness techniques to defend against sophisticated evasion tactics employed in modern phishing attempts. MORPH features advanced intent classification that categorizes attacks into six distinct categories, helping organizations gather hints on the attacks that go beyond simple binary detection. The solution is designed to operate iin both air-gapped military networks and cloud enterprise environments through a unified architecture, breaking down the traditional silos between military and civilian cybersecurity solutions.

 How did you ensure your solution could be applied in both civilian and defence contexts?Dual-use was a key aspect of this deephack. What design choices helped you meet that goal?

Dual-use applicability was central to our design philosophy. We created a unified architecture that works equally well in close, highly protected military networks and civilian cloud environments, eliminating the need for separate solutions. Our federated learning approach ensures that sensitive data remains protected, critical for defense operations and privacy-conscious enterprises. To add a layer of robustness, we incorporated adversarial robustness techniques designed to test the boundaries of both military and civilian defenses. MORPH's intent classification system was developed with use cases from both sectors in mind, ensuring it addresses the specific threat taxonomies relevant to each while maintaining compatibility. This careful balance allows for knowledge sharing between domains without compromising security or operational requirements.

 In your opinion, how can AI strengthen cybersecurity resilience in the years to come across both public and defence sectors? We’d love to hear your broader reflections based on what you learned through this challenge.

It poses critical challenges, mainly due to the rise of generative AI. Think about the time a Large Language model takes to craft a human-like text; it is not hard to imagine the same model can be used for sending hundreds of phishing emails at a second. As AI-based attacks become increasingly comparable to humans in quality and significantly less expensive to craft, a scenario where stealthy machine-made phishing becomes part of our daily lives is certainly possible. 

But not all is lost. AI will transform cybersecurity from reactive to predictive across both military and civilian sectors by identifying patterns invisible to human analysts. Federated learning can enable unprecedented collaboration without compromising sensitive data, allowing both realities to benefit from each other's insights while maintaining operational security. And generative AI can also be used to test and improve the security of existing systems through a process called adversarial training, where systems are constantly stress-tested through advanced attacks and, when a vulnerability is found, are automatically updated to address it. Finally, AI-driven automation will hopefully address the critical cybersecurity talent shortage, allowing human experts to focus on higher-level strategy.

What’s next for your project? Do you plan to further develop your solution or bring it closer to market or real-world deployment?

We are excited to leverage our Deephack second place by participating in the Speed Master Executive Course offered as a reward for winning teams. This 10-week program, starting May 20th, will provide us with crucial insights on management, strategy, business development, and access to finance—all essential as we prepare to bring MORPH to market. We will also be actively reaching out to investors who understand both enterprise and defense cybersecurity markets, using our working prototype and business plan as our foundation. The timing could not be better, with Market Research Future (MRFR) reporting a $6.8 billion market by 2025 at a 16.2% CAGR. We are eager to transform our innovative approach to phishing detection from a winning hackathon concept into a market-ready solution that bridges the gap between civilian and military cybersecurity needs.