An introductory preview of Autonomous Intelligent Cyber-defense Agent reference architecture, release 2.0

Investor logo

Warning

This publication doesn't include Faculty of Arts. It includes Institute of Computer Science. Official publication website can be found on muni.cz.
Authors

KOTT Alexander THERON Paul MANCINI Luigi DUSHKU Edlira PANICO Agostino DRAŠAR Martin LEBLANC Benoit LOSIEWICZ Paul GUARINO Alessandro PIHELGAS Mauno RZADCA Krzysztof

Year of publication 2020
Type Article in Periodical
Magazine / Source The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology
MU Faculty or unit

Institute of Computer Science

Citation
Web https://journals.sagepub.com/doi/10.1177/1548512919886163
Doi http://dx.doi.org/10.1177/1548512919886163
Keywords Intelligent agent; autonomy; cyber warfare; cyber defense; agent architecture
Description The North Atlantic Treaty Organization (NATO) Research Task Group IST-152 developed a concept and a reference architecture for intelligent software agents performing active, largely autonomous cyber-defense actions on military assets. The group released a detailed report, briefly reviewed in this article, where such an agent is referred to as an Autonomous Intelligent Cyber-defense Agent (AICA). In a conflict with a technically sophisticated adversary, NATO military networks will operate in a heavily contested battlefield. Enemy malware will likely infiltrate and attack friendly networks and systems. Today's reliance on human cyber defenders will be untenable on the future battlefield. Instead, artificially intelligent agents, such as AICAs, will be necessary to defeat the enemy malware in an environment of potentially disrupted communications where human intervention may not be possible. The IST-152 group identified specific capabilities of AICA. For example, AICA will have to be capable of autonomous planning and execution of complex multi-step activities for defeating or degrading sophisticated adversary malware, with the anticipation and minimization of resulting side effects. It will have to be capable of adversarial reasoning to battle against a thinking, adaptive malware. Crucially, AICA will have to keep itself and its actions as undetectable as possible, and will have to use deceptions and camouflage. The report identifies the key functions and components and their interactions for a potential reference architecture of such an agent, as well as a tentative roadmap toward the capabilities of AICA.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.