-
Doers, not Watchers: Intelligent Autonomous Agents are a Path to Cyber Resilience
Authors:
Alexander Kott,
Paul Theron
Abstract:
Today's cyber defense tools are mostly watchers. They are not active doers. To be sure, watching too is a demanding affair. These tools monitor the traffic and events; they detect malicious signatures, patterns and anomalies; they might classify and characterize what they observe; they issue alerts, and they might even learn while doing all this. But they don't act. They do little to plan and execute responses to attacks, and they don't plan and execute recovery activities. Response and recovery - core elements of cyber resilience - are left to the human cyber analysts, incident responders and system administrators. We believe things should change. Cyber defense tools should not be merely watchers. They need to become doers - active fighters in maintaining a system's resilience against cyber threats. This means that their capabilities should include a significant degree of autonomy and intelligence for the purposes of rapid response to a compromise - either incipient or already successful - and rapid recovery that aids the resilience of the overall system. Often, the response and recovery efforts need to be undertaken in absence of any human involvement, and with an intelligent consideration of risks and ramifications of such efforts. Recently an international team published a report that proposes a vision of an autonomous intelligent cyber defense agent (AICA) and offers a high-level reference architecture of such an agent. In this paper we explore this vision.
Submitted 26 January, 2022;
originally announced January 2022.
-
MID-Radio Telescope, Single Pixel Feed Packages for the Square Kilometre Array: An Overview
Authors:
Alice Pellegrini,
Jonas Flygare,
Isak P. Theron,
Robert Lehmensiek,
Adriaan Peens-Hough,
Jamie Leech,
Michael E. Jones,
Angela C. Taylor,
Robert E. J. Watkins,
Lei Liu,
Andre Hector,
Biao Du,
Yang Wu
Abstract:
The Square Kilometre Array (SKA) project is an international effort to build the world's largest radio telescope, enabling science with unprecedented detail and survey speed. The project spans over a decade and is now at a mature stage, ready to enter the construction and integration phase. In the fully deployed state, the MID-Telescope consists of a 150-km diameter array of offset Gregorian antennas installed in the radio quiet zone of the Karoo desert (South Africa). Each antenna is equipped with three feed packages, that are precision positioned in the sub-reflector focus by a feed indexer platform. The total observational bandwidth (0.35-15.4GHz) is segmented into seven bands. Band 1 (0.35-1.05GHz) and Band 2 (0.95-1.76GHz) are implemented as individual feed packages. The remaining five bands (Bands 3, 4, 5a, 5b, and 6) are combined in a single feed package. Initially only Band 5a (4.6-8.5GHz) and Band 5b (8.3-15.4GHz) will be installed. This paper provides an overview of recent progress on design, test and integration of each feed package as well as project and science goals, timeline and path to construction.
Submitted 5 November, 2020; v1 submitted 30 October, 2020;
originally announced October 2020.
-
The 1.28 GHz MeerKAT DEEP2 Image
Authors:
T. Mauch,
W. D. Cotton,
J. J. Condon,
A. M. Matthews,
T. D. Abbott,
R. M. Adam,
M. A. Aldera,
K. M. B. Asad,
E. F. Bauermeister,
T. G. H. Bennett,
H. Bester,
D. H. Botha,
L. R. S. Brederode,
Z. B. Brits,
S. J. Buchner,
J. P. Burger,
F. Camilo,
J. M. Chalmers,
T. Cheetham,
D. de Villiers,
M. S. de Villiers,
M. A. Dikgale-Mahlakoana,
L. J. du Toit,
S. W. P. Esterhuyse,
G. Fadana
, et al. (79 additional authors not shown)
Abstract:
We present the confusion-limited 1.28 GHz MeerKAT DEEP2 image covering one $\approx 68'$ FWHM primary beam area with $7.6''$ FWHM resolution and $0.55 \pm 0.01$ $μ$Jy/beam rms noise. Its J2000 center position $α=04^h 13^m 26.4^s$, $δ=-80^\circ 00' 00''$ was selected to minimize artifacts caused by bright sources. We introduce the new 64-element MeerKAT array and describe commissioning observations to measure the primary beam attenuation pattern, estimate telescope pointing errors, and pinpoint $(u,v)$ coordinate errors caused by offsets in frequency or time. We constructed a 1.4 GHz differential source count by combining a power-law count fit to the DEEP2 confusion $P(D)$ distribution from $0.25$ to $10$ $μ$Jy with counts of individual DEEP2 sources between $10$ $μ$Jy and $2.5$ mJy. Most sources fainter than $S \sim 100$ $μ$Jy are distant star-forming galaxies obeying the FIR/radio correlation, and sources stronger than $0.25$ $μ$Jy account for $\sim93\%$ of the radio background produced by star-forming galaxies. For the first time, the DEEP2 source count has reached the depth needed to reveal the majority of the star formation history of the universe. A pure luminosity evolution of the 1.4 GHz local luminosity function consistent with the Madau & Dickinson (2014) model for the evolution of star-forming galaxies based on UV and infrared data underpredicts our 1.4 GHz source count in the range $-5 \lesssim \log[S(\mathrm{Jy})] \lesssim -4$.
Submitted 12 December, 2019;
originally announced December 2019.
-
When Autonomous Intelligent Goodware will Fight Autonomous Intelligent Malware: A Possible Future of Cyber Defense
Authors:
Paul Théron,
Alexander Kott
Abstract:
In the coming years, the future of military combat will include, on one hand, artificial intelligence-optimized complex command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) and networks and, on the other hand, autonomous intelligent Things fighting autonomous intelligent Things at a fast pace. Under this perspective, enemy forces will seek to disable or disturb our autonomous Things and our complex infrastructures and systems. Autonomy, scale and complexity in our defense systems will trigger new cyber-attack strategies, and autonomous intelligent malware (AIM) will be part of the picture. Should these cyber-attacks succeed while human operators remain unaware or unable to react fast enough due to the speed, scale or complexity of the mission, systems or attacks, missions would fail, our networks and C4ISR would be heavily disrupted, and command and control would be disabled. New cyber-defense doctrines and technologies are therefore required. Autonomous cyber defense (ACyD) is a new field of research and technology driven by the defense sector in anticipation of such threats to future military infrastructures, systems and operations. It will be implemented via swarms of autonomous intelligent cyber-defense agents (AICAs) that will fight AIM within our networks and systems. This paper presents this cyber-defense technology of the future, the current state of the art in this field and its main challenges. First, we review the rationale of the ACyD concept and its associated AICA technology. Then, we present the current research results from NATO's IST-152 Research Task Group on the AICA Reference Architecture. We then develop the 12 main technological challenges that must be resolved in the coming years, besides ethical and political issues.
Submitted 25 November, 2019;
originally announced December 2019.
-
Inflation of 430-parsec bipolar radio bubbles in the Galactic Centre by an energetic event
Authors:
I. Heywood,
F. Camilo,
W. D. Cotton,
F. Yusef-Zadeh,
T. D. Abbott,
R. M. Adam,
M. A. Aldera,
E. F. Bauermeister,
R. S. Booth,
A. G. Botha,
D. H. Botha,
L. R. S. Brederode,
Z. B. Brits,
S. J. Buchner,
J. P. Burger,
J. M. Chalmers,
T. Cheetham,
D. de Villiers,
M. A. Dikgale-Mahlakoana,
L. J. du Toit,
S. W. P. Esterhuyse,
B. L. Fanaroff,
A. R. Foley,
D. J. Fourie,
R. R. G. Gamatham
, et al. (74 additional authors not shown)
Abstract:
The Galactic Centre contains a supermassive black hole with a mass of 4 million suns within an environment that differs markedly from that of the Galactic disk. While the black hole is essentially quiescent in the broader context of active galactic nuclei, X-ray observations have provided evidence for energetic outbursts from its surroundings. Also, while the levels of star formation in the Galactic Centre have been approximately constant over the last few hundred Myr, there is evidence of elevated short-duration bursts, strongly influenced by interaction of the black hole with the enhanced gas density present within the ring-like Central Molecular Zone at Galactic longitude |l| < 0.7 degrees and latitude |b| < 0.2 degrees. The inner 200 pc region is characterized by large amounts of warm molecular gas, a high cosmic ray ionization rate, unusual gas chemistry, enhanced synchrotron emission, and a multitude of radio-emitting magnetised filaments, the origin of which has not been established. Here we report radio imaging that reveals bipolar bubbles spanning 1 degree x 3 degrees (140 parsecs x 430 parsecs), extending above and below the Galactic plane and apparently associated with the Galactic Centre. The structure is edge-brightened and bounded, with symmetry implying creation by an energetic event in the Galactic Centre. We estimate the age of the bubbles to be a few million years, with a total energy of 7 x 10^52 ergs. We postulate that the progenitor event was a major contributor to the increased cosmic-ray density in the Galactic Centre, and is in turn the principal source of the relativistic particles required to power the synchrotron emission of the radio filaments within and in the vicinity of the bubble cavities.
Submitted 12 September, 2019;
originally announced September 2019.
-
Towards an Active, Autonomous and Intelligent Cyber Defense of Military Systems: the NATO AICA Reference Architecture
Authors:
Paul Theron,
Alexander Kott,
Martin Drašar,
Krzysztof Rzadca,
Benoît LeBlanc,
Mauno Pihelgas,
Luigi Mancini,
Agostino Panico
Abstract:
Within the future Global Information Grid, complex massively interconnected systems, isolated defense vehicles, sensors and effectors, and infrastructures and systems demanding extremely low failure rates, to which human security operators cannot have an easy access and cannot deliver fast enough reactions to cyber-attacks, need an active, autonomous and intelligent cyber defense. Multi Agent Systems for Cyber Defense may provide an answer to this requirement. This paper presents the concept and architecture of an Autonomous Intelligent Cyber defense Agent (AICA). First, we describe the rationale of the AICA concept. Secondly, we explain the methodology and purpose that drive the definition of the AICA Reference Architecture (AICARA) by NATO's IST-152 Research and Technology Group. Thirdly, we review some of the main features and challenges of Multi Autonomous Intelligent Cyber defense Agent (MAICA). Fourthly, we depict the initially assumed AICA Reference Architecture. Then we present one of our preliminary research issues, assumptions and ideas. Finally, we present the future lines of research that will help develop and test the AICA / MAICA concept.
Submitted 7 June, 2018;
originally announced June 2018.
-
Toward Intelligent Autonomous Agents for Cyber Defense: Report of the 2017 Workshop by the North Atlantic Treaty Organization (NATO) Research Group IST-152-RTG
Authors:
Alexander Kott,
Ryan Thomas,
Martin Drašar,
Markus Kont,
Alex Poylisher,
Benjamin Blakely,
Paul Theron,
Nathaniel Evans,
Nandi Leslie,
Rajdeep Singh,
Maria Rigaki,
S Jay Yang,
Benoit LeBlanc,
Paul Losiewicz,
Sylvain Hourlier,
Misty Blowers,
Hugh Harney,
Gregory Wehner,
Alessandro Guarino,
Jana Komárková,
James Rowell
Abstract:
This report summarizes the discussions and findings of the Workshop on Intelligent Autonomous Agents for Cyber Defence and Resilience organized by the NATO research group IST-152-RTG. The workshop was held in Prague, Czech Republic, on 18-20 October 2017. There is a growing recognition that future cyber defense should involve extensive use of partially autonomous agents that actively patrol the friendly network, and detect and react to hostile activities rapidly (far faster than human reaction time), before the hostile malware is able to inflict major damage, evade friendly agents, or destroy friendly agents. This requires cyber-defense agents with a significant degree of intelligence, autonomy, self-learning, and adaptability. The report focuses on the following questions: In what computing and tactical environments would such an agent operate? What data would be available for the agent to observe or ingest? What actions would the agent be able to take? How would such an agent plan a complex course of actions? Would the agent learn from its experiences, and how? How would the agent collaborate with humans? How can we ensure that the agent will not take undesirable destructive actions? Is it possible to help envision such an agent with a simple example?
Submitted 20 April, 2018;
originally announced April 2018.
-
Revival of the magnetar PSR J1622-4950: observations with MeerKAT, Parkes, XMM-Newton, Swift, Chandra, and NuSTAR
Authors:
F. Camilo,
P. Scholz,
M. Serylak,
S. Buchner,
M. Merryfield,
V. M. Kaspi,
R. F. Archibald,
M. Bailes,
A. Jameson,
W. van Straten,
J. Sarkissian,
J. E. Reynolds,
S. Johnston,
G. Hobbs,
T. D. Abbott,
R. M. Adam,
G. B. Adams,
T. Alberts,
R. Andreas,
K. M. B. Asad,
D. E. Baker,
T. Baloyi,
E. F. Bauermeister,
T. Baxana,
T. G. H. Bennett
, et al. (183 additional authors not shown)
Abstract:
New radio (MeerKAT and Parkes) and X-ray (XMM-Newton, Swift, Chandra, and NuSTAR) observations of PSR J1622-4950 indicate that the magnetar, in a quiescent state since at least early 2015, reactivated between 2017 March 19 and April 5. The radio flux density, while variable, is approximately 100x larger than during its dormant state. The X-ray flux one month after reactivation was at least 800x larger than during quiescence, and has been decaying exponentially on a 111+/-19 day timescale. This high-flux state, together with a radio-derived rotational ephemeris, enabled for the first time the detection of X-ray pulsations for this magnetar. At 5%, the 0.3-6 keV pulsed fraction is comparable to the smallest observed for magnetars. The overall pulsar geometry inferred from polarized radio emission appears to be broadly consistent with that determined 6-8 years earlier. However, rotating vector model fits suggest that we are now seeing radio emission from a different location in the magnetosphere than previously. This indicates a novel way in which radio emission from magnetars can differ from that of ordinary pulsars. The torque on the neutron star is varying rapidly and unsteadily, as is common for magnetars following outburst, having changed by a factor of 7 within six months of reactivation.
Submitted 5 April, 2018;
originally announced April 2018.
-
Autonomous Intelligent Cyber-defense Agent (AICA) Reference Architecture. Release 2.0
Authors:
Alexander Kott,
Paul Théron,
Martin Drašar,
Edlira Dushku,
Benoît LeBlanc,
Paul Losiewicz,
Alessandro Guarino,
Luigi Mancini,
Agostino Panico,
Mauno Pihelgas,
Krzysztof Rzadca,
Fabio De Gaspari
Abstract:
This report - a major revision of its previous release - describes a reference architecture for intelligent software agents performing active, largely autonomous cyber-defense actions on military networks of computing and communicating devices. The report is produced by the North Atlantic Treaty Organization (NATO) Research Task Group (RTG) IST-152 "Intelligent Autonomous Agents for Cyber Defense and Resilience". In a conflict with a technically sophisticated adversary, NATO military tactical networks will operate in a heavily contested battlefield. Enemy software cyber agents - malware - will infiltrate friendly networks and attack friendly command, control, communications, computers, intelligence, surveillance, and reconnaissance and computerized weapon systems. To fight them, NATO needs artificial cyber hunters - intelligent, autonomous, mobile agents specialized in active cyber defense. With this in mind, in 2016, NATO initiated RTG IST-152. Its objective has been to help accelerate the development and transition to practice of such software agents by producing a reference architecture and technical roadmap. This report presents the concept and architecture of an Autonomous Intelligent Cyber-defense Agent (AICA). We describe the rationale of the AICA concept, explain the methodology and purpose that drive the definition of the AICA Reference Architecture, and review some of the main features and challenges of AICAs.
Submitted 22 March, 2023; v1 submitted 28 March, 2018;
originally announced March 2018.
-
Engineering and Science Highlights of the KAT-7 Radio Telescope
Authors:
A. R. Foley,
T. Alberts,
R P. Armstrong,
A. Barta,
E. F. Bauermeister,
H. Bester,
S. Blose,
R. S. Booth,
D. H. Botha,
S. J. Buchner,
C. Carignan,
T. Cheetham,
K. Cloete,
G. Coreejes,
R. C. Crida,
S. D. Cross,
F. Curtolo,
A. Dikgale,
M. S. de Villiers,
L. J. du Toit,
S. W. P. Esterhuyse,
B. Fanaroff,
R. P. Fender,
M. Fijalkowski,
D. Fourie
, et al. (78 additional authors not shown)
Abstract:
The construction of the KAT-7 array in the Karoo region of the Northern Cape in South Africa was intended primarily as an engineering prototype for technologies and techniques applicable to the MeerKAT telescope. This paper looks at the main engineering and scientific highlights from this effort, and discusses their applicability to both MeerKAT and other next-generation radio telescopes. In particular we found that the composite dish surface works well, but it becomes complicated to fabricate for a dish lacking circular symmetry; the Stirling cycle cryogenic system with ion pump to achieve vacuum works but demands much higher maintenance than an equivalent Gifford-McMahon cycle system; the ROACH (Reconfigurable Open Architecture Computing Hardware)-based correlator with SPEAD (Streaming Protocol for Exchanging Astronomical Data) protocol data transfer works very well and KATCP (Karoo Array Telescope Control Protocol) control protocol has proven very flexible and convenient. KAT-7 has also been used for scientific observations where it has a niche in mapping low surface-brightness continuum sources, some extended HI halos and OH masers in star-forming regions. It can also be used to monitor continuum source variability, observe pulsars, and make VLBI observations.
Submitted 9 June, 2016;
originally announced June 2016.