Automated Cyber Defence: A Review
- URL: http://arxiv.org/abs/2303.04926v1
- Date: Wed, 8 Mar 2023 22:37:50 GMT
- Title: Automated Cyber Defence: A Review
- Authors: Sanyam Vyas, John Hannay, Andrew Bolton and Professor Pete Burnap
- Abstract summary: Research within Automated Cyber Defence will allow the development and enabling intelligence response by autonomously defending networked systems through sequential decision-making agents.
This article comprehensively elaborates the developments within Automated Cyber Defence through a requirement analysis divided into two sub-areas, namely, automated defence and attack agents and Autonomous Cyber Operation (ACO) Gyms.
The requirement analysis is also used to critique ACO Gyms with an overall aim to develop them for deploying automated agents within real-world networked systems.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Within recent times, cybercriminals have curated a variety of organised and
resolute cyber attacks within a range of cyber systems, leading to
consequential ramifications to private and governmental institutions. Current
security-based automation and orchestrations focus on automating fixed purpose
and hard-coded solutions, which are easily surpassed by modern-day cyber
attacks. Research within Automated Cyber Defence will allow the development and
enabling intelligence response by autonomously defending networked systems
through sequential decision-making agents. This article comprehensively
elaborates the developments within Automated Cyber Defence through a
requirement analysis divided into two sub-areas, namely, automated defence and
attack agents and Autonomous Cyber Operation (ACO) Gyms. The requirement
analysis allows the comparison of automated agents and highlights the
importance of ACO Gyms for their continual development. The requirement
analysis is also used to critique ACO Gyms with an overall aim to develop them
for deploying automated agents within real-world networked systems. Relevant
future challenges were addressed from the overall analysis to accelerate
development within the area of Automated Cyber Defence.
Related papers
- Exploring the Adversarial Vulnerabilities of Vision-Language-Action Models in Robotics [70.93622520400385]
This paper systematically quantifies the robustness of VLA-based robotic systems.
We introduce an untargeted position-aware attack objective that leverages spatial foundations to destabilize robotic actions.
We also design an adversarial patch generation approach that places a small, colorful patch within the camera's view, effectively executing the attack in both digital and physical environments.
arXiv Detail & Related papers (2024-11-18T01:52:20Z) - Multi-Agent Actor-Critics in Autonomous Cyber Defense [0.5261718469769447]
Multi-Agent Deep Reinforcement Learning (MADRL) presents a promising approach to enhancing the efficacy and resilience of autonomous cyber operations.
We demonstrate each agent is able to learn quickly and counter act on the threats autonomously using MADRL in simulated cyber-attack scenarios.
arXiv Detail & Related papers (2024-10-11T15:15:09Z) - The Path To Autonomous Cyber Defense [4.221619479687068]
Defenders are overwhelmed by the number and scale of attacks against their networks.
We propose a path to autonomous cyber agents able to augment defenders by automating critical steps in the cyber defense life cycle.
arXiv Detail & Related papers (2024-04-12T19:51:45Z) - Proceedings of the Artificial Intelligence for Cyber Security (AICS)
Workshop at AAAI 2022 [55.573187938617636]
The workshop will focus on the application of AI to problems in cyber security.
Cyber systems generate large volumes of data, utilizing this effectively is beyond human capabilities.
arXiv Detail & Related papers (2022-02-28T18:27:41Z) - Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the
Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z) - Automating Privilege Escalation with Deep Reinforcement Learning [71.87228372303453]
In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents.
We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation.
Our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
arXiv Detail & Related papers (2021-10-04T12:20:46Z) - Automating Cyber Threat Hunting Using NLP, Automated Query Generation,
and Genetic Perturbation [8.669461942767098]
We have developed the WILEE system that cyber threat hunting by translating high-level threat descriptions into many possible concrete implementations.
Both the (high-level) abstract and (low-level) concrete implementations are represented using a custom domain specific language.
WILEE uses the implementations along with other logic, also written in the DSL, to automatically generate queries to confirm (or refute) any hypotheses tied to the potential adversarial.
arXiv Detail & Related papers (2021-04-23T13:19:12Z) - A System for Efficiently Hunting for Cyber Threats in Computer Systems
Using Threat Intelligence [78.23170229258162]
We build ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using OSCTI.
ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, and (3) a query synthesis mechanism that automatically synthesizes a TBQL query from the extracted threat behaviors.
arXiv Detail & Related papers (2021-01-17T19:44:09Z) - Cyber Autonomy: Automating the Hacker- Self-healing, self-adaptive,
automatic cyber defense systems and their impact to the industry, society and
national security [0.0]
This paper sets the context for the urgency for cyber autonomy, and the current gaps in the cyber security industry.
A novel framework proposing four phases of maturity for full cyber autonomy will be discussed.
arXiv Detail & Related papers (2020-12-08T12:50:09Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z) - A Model-Based, Decision-Theoretic Perspective on Automated Cyber
Response [0.0]
This paper describes an approach to automated cyber response that is designed along these lines.
We combine a simulation of the system to be defended with an anytime online planner to solve cyber defense problems characterized as partially observable Markov decision problems (POMDPs)
arXiv Detail & Related papers (2020-02-20T15:30:59Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.