Toward Intelligent Autonomous Agents for Cyber Defense: Report of the 2017 Workshop by the North Atlantic Treaty Organization (NATO) Research Group IST-152-RTG
Authors:
Alexander Kott,
Ryan Thomas,
Martin Drašar,
Markus Kont,
Alex Poylisher,
Benjamin Blakely,
Paul Theron,
Nathaniel Evans,
Nandi Leslie,
Rajdeep Singh,
Maria Rigaki,
S Jay Yang,
Benoit LeBlanc,
Paul Losiewicz,
Sylvain Hourlier,
Misty Blowers,
Hugh Harney,
Gregory Wehner,
Alessandro Guarino,
Jana Komárková,
James Rowell
Abstract:
This report summarizes the discussions and findings of the Workshop on Intelligent Autonomous Agents for Cyber Defence and Resilience organized by the NATO research group IST-152-RTG. The workshop was held in Prague, Czech Republic, on 18-20 October 2017. There is a growing recognition that future cyber defense should involve extensive use of partially autonomous agents that actively patrol the fr…
▽ More
This report summarizes the discussions and findings of the Workshop on Intelligent Autonomous Agents for Cyber Defence and Resilience organized by the NATO research group IST-152-RTG. The workshop was held in Prague, Czech Republic, on 18-20 October 2017. There is a growing recognition that future cyber defense should involve extensive use of partially autonomous agents that actively patrol the friendly network, and detect and react to hostile activities rapidly (far faster than human reaction time), before the hostile malware is able to inflict major damage, evade friendly agents, or destroy friendly agents. This requires cyber-defense agents with a significant degree of intelligence, autonomy, self-learning, and adaptability. The report focuses on the following questions: In what computing and tactical environments would such an agent operate? What data would be available for the agent to observe or ingest? What actions would the agent be able to take? How would such an agent plan a complex course of actions? Would the agent learn from its experiences, and how? How would the agent collaborate with humans? How can we ensure that the agent will not take undesirable destructive actions? Is it possible to help envision such an agent with a simple example?
△ Less
Submitted 20 April, 2018;
originally announced April 2018.
The Future Internet of Things and Security of its Control Systems
Authors:
Misty Blowers,
Jose Iribarne,
Edward Colbert,
Alexander Kott
Abstract:
We consider the future cyber security of industrial control systems. As best as we can see, much of this future unfolds in the context of the Internet of Things (IoT). In fact, we envision that all industrial and infrastructure environments, and cyber-physical systems in general, will take the form reminiscent of what today is referred to as the IoT. IoT is envisioned as multitude of heterogeneous…
▽ More
We consider the future cyber security of industrial control systems. As best as we can see, much of this future unfolds in the context of the Internet of Things (IoT). In fact, we envision that all industrial and infrastructure environments, and cyber-physical systems in general, will take the form reminiscent of what today is referred to as the IoT. IoT is envisioned as multitude of heterogeneous devices densely interconnected and communicating with the objective of accomplishing a diverse range of objectives, often collaboratively. One can argue that in the relatively near future, the IoT construct will subsume industrial plants, infrastructures, housing and other systems that today are controlled by ICS and SCADA systems. In the IoT environments, cybersecurity will derive largely from system agility, moving-target defenses, cybermaneuvering, and other autonomous or semi-autonomous behaviors. Cyber security of IoT may also benefit from new design methods for mixed-trusted systems; and from big data analytics -- predictive and autonomous.
△ Less
Submitted 6 October, 2016;
originally announced October 2016.
