Intelligent, Autonomous and Trusted Agents for Cyber Defense and Resilience  (IST-152)

  RTO Task Group
  Approved: 2016
Start: 9/1/2016
End: 8/1/2019
  Cyber Defense Operations; Computer Information Systems (CIS); Information & Communications Technology (ICT); Intelligent Agents; Autonomous Cyber Defense; Autonomous Behaviors
  ACO, Bulgaria, Czech Republic, France, Germany, Italy, Poland, Turkey, United States
  United States
Theoretical foundations and formulations of problems of intelligent autonomy in cyber defense; Practical architectures and functions of such agents; Observability, controllability and control-theoretic approaches for human control of agents; Relevance of Physical Robotics approaches; Formal languages and near-natural languages for specifying and controlling intelligent cyber agents; Assessment of barriers to successful use of autonomous cyber agents; Analysis of known related approaches and methods; Assessment, management and maintenance of trust between humans and agents and multiple agents; Validation of the agents' behavior; Situational awareness of and about agents; Formulation and encoding of rules of engagement; Mission formulation, planning and communication for the agents; Adversarial decision-making and game-theoretic reasoning for the agents.
This project will research potential future threats and opportunities in the area of future intelligent autonomous agents in cyber operations. Such agents may potentially serve as fundamental game-changers in the way cyber defence and offense are conducted. Their autonomous reasoning and cyber actions for prevention, detection and active response to cyber threats may become critical enablers for NATO. Cyber weapons (malware) rapidly grow in their sophistication, and in their ability to act autonomously and to adapt to specific conditions encountered in a friendly system/network. Current practices of cyber defense against advanced threats continue to be heavily reliant on largely manually driven analysis, detection and defeat of such malware. There is a growing recognition that future cyber defense should involve extensive use of partially autonomous agents that actively patrol the friendly network, and detect and react to hostile activities rapidly (far faster than human reaction time), before the hostile malware is able to inflict major damage, or evade the friendly agents, or destroy the friendly agent. This requires cyber defense agents with a significant degree of intelligence, autonomy, self-learning and adaptability. Autonomy, however, comes with difficult challenges of trust and control by humans. This project will explore how the directions of current and future science and technology may impact and define the potential breakthroughs in this field. The RTG will produce a comprehensive report – and as a stretch goal also a published book – detailing the current state of research, projections and recommended technical roadmap with focus on potential future threats and opportunities in the area of future intelligent agents in cyber operations. These agents’ autonomous reasoning and cyber actions for prevention, detection and active response to cyber threats may become critical enablers for NATO.
The recommendations may include (a) suggested directions and approaches for R&D of new tools, and (b) suggestions for investigation of emerging technologies and tools available from academia and industry. The recommendations will be provided to NATO stakeholders, such as NATO Communications and Information Agency (NCIA); NATO Allied Command Transformation (ACT); NATO Cyber Defence Management Board; NATO Consultation, Command, and Control Board (C3B); NATO Emerging Security Challenges Division (ESCD); NATO Cooperative Cyber Defence Centre of Excellence, Estonia; US Army Cyber Command, United States; Other National Stakeholders. Such organizations have significant operational responsibilities that would benefit from insights on potential threats and opportunities, and also influence R&D activities of the NATO nations that will gain from a vision of potential targets for research, development and acquisition.
REFERENCES: Kott, Swami, McDaniel. "Six cyber game changers for the next 15 years." (2014); Carver, et al. "A methodology for using intelligent agents to provide automated intrusion response." (2000); Dasgupta, "Immuno-inspired autonomic system for cyber defense." (2007); Tyugu, "Artificial intelligence in cyber defense." (2011)
(1) To characterize, objectively and partly quantitatively, the current state of research and capabilities in the field of intelligent, autonomous cyber defense agents, and develop a prioritized assessment of potential methodological and technical approaches with the focus on agents capable of agile patrolling and defensive actions constrained to operations on friendly networks within the bounds of prescribed rules of engagement. (2) To assess and validate the current state of the art in the academic, defense and other communities through a focused technical workshop at the NATO UNCLASSIFIED (NU) level. (3) To develop an initial roadmap for development of a comprehensive set of methodologies, technologies and tools for advancing the state of capabilities in intelligent autonomous agents for cyber defense. (4) To develop a set of technical communication products that will include a comprehensive technical report, a book, a database of relevant efforts, prototypes and products in industry and academia, and a multi-media presentation intended for communicating the ideas to senior decision-makers of NATO Nations.

