REGARD: Rules of EngaGement for Automated cybeR Defense to aid in Intrusion Response
- URL: http://arxiv.org/abs/2305.13967v1
- Date: Tue, 23 May 2023 11:52:02 GMT
- Title: REGARD: Rules of EngaGement for Automated cybeR Defense to aid in Intrusion Response
- Authors: Damodar Panigrahi, William Anderson, Joshua Whitman, Sudip Mittal,
Benjamin A Blakely
- Abstract summary: Automated Intelligent Cyberdefense Agents (AICAs) are part Intrusion Detection Systems (IDS) and part Intrusion Response Systems (IRS).
We create Rules of EngaGement for Automated cybeR Defense (REGARD) system which holds a set of Rules of Engagement (RoE) to protect the managed system according to the instructions provided by the human operator.
- Score: 0.41998444721319206
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Automated Intelligent Cyberdefense Agents (AICAs) that are part Intrusion
Detection Systems (IDS) and part Intrusion Response Systems (IRS) are being
designed to protect against sophisticated and automated cyber-attacks. An AICA
based on the ideas of Self-Adaptive Autonomic Computing Systems (SA-ACS) can be
considered as a managing system that protects a managed system like a personal
computer, web application, critical infrastructure, etc. An AICA, specifically
the IRS components, can compute a wide range of potential responses to meet its
security goals and objectives, such as taking actions to prevent the attack
from completing, restoring the system to comply with the organizational
security policy, containing or confining an attack, attack eradication,
deploying forensics measures to enable future attack analysis, counterattack,
and so on. To restrict its activities in order to minimize
collateral/organizational damage, such an automated system must operate under
a set of Rules of Engagement (RoE). Automated systems must determine which
operations can be completely automated (and when), which actions require human
operator confirmation, and which actions must never be undertaken. In this
paper, to enable this control functionality over an IRS, we create the Rules
of EngaGement for Automated cybeR Defense (REGARD) system, which holds a set of
Rules of Engagement (RoE) to protect the managed system according to the
instructions provided by the human operator. These rules limit the actions of
the IRS on the managed system in compliance with the recommendations of the
domain expert.
We provide details of execution, management, operation, and conflict resolution
for Rules of Engagement (RoE) to constrain the actions of an automated IRS. We
also describe REGARD system implementation, security case studies for cyber
defense, and RoE demonstrations.
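The abstract describes three outcomes for a proposed response action (fully automated, requires operator confirmation, never allowed) and mentions conflict resolution between rules, but gives no rule format. The block below is an added illustration of such a RoE gate, not the REGARD implementation from the paper: the rule schema, the action names (`block_ip`, `isolate_host`, `counterattack`), the asset tags, and the conflict-resolution policy (most specific rule wins, then most restrictive verdict, with no matching rule falling back to operator confirmation) are all assumptions, and the sample rule set is constructed for the demo.

```python
"""
Toy Rules-of-Engagement (RoE) gate in front of an automated intrusion response
system (IRS). Added illustration, not the REGARD implementation described in
the paper: rule schema, action/tag names and the conflict-resolution policy
are assumptions.
"""
from dataclasses import dataclass
from enum import IntEnum
from typing import Iterable, Optional


class Verdict(IntEnum):
    # Ordered so that a larger value is the more restrictive outcome.
    AUTOMATE = 0  # the IRS may execute the action with no human in the loop
    CONFIRM = 1   # the IRS must queue the action for operator approval
    FORBID = 2    # the IRS must never execute the action


@dataclass(frozen=True)
class Action:
    name: str                       # proposed response, e.g. "isolate_host"
    target: str                     # asset the action would be applied to
    tags: frozenset = frozenset()   # asset labels known to the IRS, e.g. {"critical"}


@dataclass(frozen=True)
class Rule:
    rule_id: str
    verdict: Verdict
    action: Optional[str] = None    # None matches every action
    tag: Optional[str] = None       # None matches every asset

    def matches(self, act: Action) -> bool:
        if self.action is not None and self.action != act.name:
            return False
        if self.tag is not None and self.tag not in act.tags:
            return False
        return True

    @property
    def specificity(self) -> int:
        # Number of constrained fields; more specific rules override general ones.
        return int(self.action is not None) + int(self.tag is not None)


@dataclass(frozen=True)
class Decision:
    verdict: Verdict
    decisive: tuple     # rule ids that determined the verdict (audit/explanation)
    considered: tuple   # every rule id that matched the action


class RoEEngine:
    def __init__(self, rules: Iterable[Rule], default: Verdict = Verdict.CONFIRM):
        self.rules = list(rules)
        # Fail closed: an action no rule covers is never automated silently.
        self.default = default

    def evaluate(self, act: Action) -> Decision:
        matched = [r for r in self.rules if r.matches(act)]
        if not matched:
            return Decision(self.default, (), ())
        # Conflict resolution (assumed policy): the most specific matching rules
        # win; among equally specific rules, the most restrictive verdict wins.
        top = max(r.specificity for r in matched)
        decisive = [r for r in matched if r.specificity == top]
        verdict = max(r.verdict for r in decisive)
        return Decision(verdict,
                        tuple(r.rule_id for r in decisive),
                        tuple(r.rule_id for r in matched))


# Constructed sample RoE set, as an operator might configure it.
SAMPLE_RULES = [
    Rule("R1", Verdict.CONFIRM, tag="critical"),          # anything on critical assets needs a human
    Rule("R2", Verdict.AUTOMATE, action="block_ip"),      # blocking an IP is routine
    Rule("R3", Verdict.AUTOMATE, action="isolate_host", tag="workstation"),
    Rule("R4", Verdict.FORBID, action="counterattack"),   # never hack back
    Rule("R5", Verdict.FORBID, action="isolate_host", tag="critical"),
]


def gate(engine: RoEEngine, act: Action) -> str:
    """Route a proposed action the way an IRS dispatcher would; returns the outcome."""
    d = engine.evaluate(act)
    if d.verdict is Verdict.AUTOMATE:
        return f"EXECUTE {act.name} on {act.target} (rules {d.decisive})"
    if d.verdict is Verdict.CONFIRM:
        return f"QUEUE {act.name} on {act.target} for operator (rules {d.decisive})"
    return f"DROP {act.name} on {act.target} (rules {d.decisive})"


if __name__ == "__main__":
    eng = RoEEngine(SAMPLE_RULES)
    for a in [
        Action("block_ip", "db-01", frozenset({"critical"})),
        Action("isolate_host", "ws-17", frozenset({"workstation"})),
        Action("isolate_host", "db-01", frozenset({"critical"})),
        Action("counterattack", "203.0.113.7"),
        Action("restore_from_backup", "ws-17", frozenset({"workstation"})),
    ]:
        print(gate(eng, a))
```

The point of the `decisive`/`considered` split is auditability: when the IRS queues or drops an action, the operator sees exactly which rules fired and which one decided, which is what makes a RoE set reviewable. The fail-closed default matters as much as the rules themselves; an automated responder that treats "no rule matched" as permission will eventually automate something the operator never considered.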
Related papers
- Autonomous Action Runtime Management(AARM):A System Specification for Securing AI-Driven Actions at Runtime [0.0]
This paper introduces Autonomous Action Management (AARM), an open specification for securing AI-driven actions at runtime.
AARM intercepts actions before execution, accumulates session context, evaluates against policy and intent alignment, enforces authorization decisions, and records tamper-evident receipts for forensic reconstruction.
AARM is model-agnostic, framework-agnostic, and vendor-neutral, treating action execution as the stable security boundary.
arXiv Detail & Related papers (2026-02-10T05:57:30Z) - LPS-Bench: Benchmarking Safety Awareness of Computer-Use Agents in Long-Horizon Planning under Benign and Adversarial Scenarios [51.52395368061729]
We present LPS-Bench, a benchmark that evaluates the planning-time safety awareness of MCP-based CUAs under long-horizon tasks.
Experiments reveal substantial deficiencies in existing CUAs' ability to maintain safe behavior.
We propose mitigation strategies to improve long-horizon planning safety in MCP-based CUA systems.
arXiv Detail & Related papers (2026-02-03T08:40:24Z) - CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents [60.98294016925157]
AI agents are vulnerable to prompt injection attacks, where malicious content hijacks agent behavior to steal credentials or cause financial loss.
We introduce Single-Shot Planning for CUAs, where a trusted planner generates a complete execution graph with conditional branches before any observation of potentially malicious content.
Although this architectural isolation successfully prevents instruction injections, we show that additional measures are needed to prevent Branch Steering attacks.
arXiv Detail & Related papers (2026-01-14T23:06:35Z) - IRSDA: An Agent-Orchestrated Framework for Enterprise Intrusion Response [7.470506991479105]
Intrusion Response System Digital Assistant (IRSDA) is an agent-based framework designed to deliver autonomous and policy-compliant cyber defense.
IRSDA incorporates a knowledge-driven architecture that integrates contextual information with AI-based reasoning to support system-guided intrusion response.
This work outlines a modular agent-driven approach to cyber defense that emphasizes explainability, system-state awareness, and operational control in intrusion response.
arXiv Detail & Related papers (2025-11-24T19:21:09Z) - Policy-as-Prompt: Turning AI Governance Rules into Guardrails for AI Agents [0.19336815376402716]
We introduce a regulatory machine learning framework that converts unstructured design artifacts (like PRDs, TDDs, and code) into verifiable runtime guardrails.
Our Policy as Prompt method reads these documents and risk controls to build a source-linked policy tree.
The system is built to enforce least privilege and data minimization.
arXiv Detail & Related papers (2025-09-28T17:36:52Z) - ANNIE: Be Careful of Your Robots [48.89876809734855]
We present the first systematic study of adversarial safety attacks on embodied AI systems.
We show attack success rates exceeding 50% across all safety categories.
Results expose a previously underexplored but highly consequential attack surface in embodied AI systems.
arXiv Detail & Related papers (2025-09-03T15:00:28Z) - Security Challenges in AI Agent Deployment: Insights from a Large Scale Public Competition [101.86739402748995]
We run the largest public red-teaming competition to date, targeting 22 frontier AI agents across 44 realistic deployment scenarios.
We build the Agent Red Teaming benchmark and evaluate it across 19 state-of-the-art models.
Our findings highlight critical and persistent vulnerabilities in today's AI agents.
arXiv Detail & Related papers (2025-07-28T05:13:04Z) - Toward an Intent-Based and Ontology-Driven Autonomic Security Response in Security Orchestration Automation and Response [1.0027737736304287]
We bridge the gap between two research directions: Intent-Based Cyber Defense and Autonomic Cyber Defense.
We propose a unified, ontology-driven security intent definition leveraging the MITRE-D3FEND cybersecurity ontology.
We also propose a general two-tiered methodology for integrating such security intents into decision-theoretic Autonomic Cyber Defense systems.
arXiv Detail & Related papers (2025-07-16T09:17:53Z) - DRIFT: Dynamic Rule-Based Defense with Injection Isolation for Securing LLM Agents [52.92354372596197]
Large Language Models (LLMs) are increasingly central to agentic systems due to their strong reasoning and planning capabilities.
This interaction also introduces the risk of prompt injection attacks, where malicious inputs from external sources can mislead the agent's behavior.
We propose a Dynamic Rule-based Isolation Framework for Trustworthy agentic systems, which enforces both control and data-level constraints.
arXiv Detail & Related papers (2025-06-13T05:01:09Z) - LLM Agents Should Employ Security Principles [60.03651084139836]
This paper argues that the well-established design principles in information security should be employed when deploying Large Language Model (LLM) agents at scale.
We introduce AgentSandbox, a conceptual framework embedding these security principles to provide safeguards throughout an agent's life-cycle.
arXiv Detail & Related papers (2025-05-29T21:39:08Z) - An Approach to Technical AGI Safety and Security [72.83728459135101]
We develop an approach to address the risk of harms consequential enough to significantly harm humanity.
We focus on technical approaches to misuse and misalignment.
We briefly outline how these ingredients could be combined to produce safety cases for AGI systems.
arXiv Detail & Related papers (2025-04-02T15:59:31Z) - Position: A taxonomy for reporting and describing AI security incidents [57.98317583163334]
We argue that a specific taxonomy is required to describe and report security incidents of AI systems.
Existing frameworks for either non-AI security or generic AI safety incident reporting are insufficient to capture the specific properties of AI security.
arXiv Detail & Related papers (2024-12-19T13:50:26Z) - Usage Governance Advisor: From Intent to AI Governance [4.49852442764084]
Evaluating the safety of AI systems is a pressing concern for organizations deploying them.
We present Usage Governance Advisor which creates semi-structured governance information.
arXiv Detail & Related papers (2024-12-02T20:36:41Z) - IRSKG: Unified Intrusion Response System Knowledge Graph Ontology for Cyber Defense [2.17870369215002]
Intrusion Response System (IRS) is critical for mitigating threats after detection.
IRS uses several Tactics, Techniques, and Procedures (TTPs) to mitigate attacks and restore the infrastructure to normal operations.
We propose a unified IRS Knowledge Graph ontology (IRSKG) that streamlines the onboarding of new enterprise systems as a source for the AICAs.
arXiv Detail & Related papers (2024-11-23T23:31:55Z) - Exploring the Adversarial Vulnerabilities of Vision-Language-Action Models in Robotics [70.93622520400385]
This paper systematically quantifies the robustness of VLA-based robotic systems.
We introduce an untargeted position-aware attack objective that leverages spatial foundations to destabilize robotic actions.
We also design an adversarial patch generation approach that places a small, colorful patch within the camera's view, effectively executing the attack in both digital and physical environments.
arXiv Detail & Related papers (2024-11-18T01:52:20Z) - Automated Cybersecurity Compliance and Threat Response Using AI, Blockchain & Smart Contracts [0.36832029288386137]
We present a novel framework that integrates artificial intelligence (AI), blockchain, and smart contracts.
We propose a system that automates the enforcement of security policies, reducing manual effort and potential human error.
arXiv Detail & Related papers (2024-09-12T20:38:14Z) - Sustainable Adaptive Security [11.574868434725117]
We propose the notion of Sustainable Adaptive Security (SAS) which reflects enduring protection by augmenting adaptive security systems with the capability of mitigating newly discovered threats.
We use a smart home example to showcase how we can engineer the activities of the MAPE (Monitor, Analysis, Planning, and Execution) loop of systems satisfying sustainable adaptive security.
arXiv Detail & Related papers (2023-06-05T08:48:36Z) - Automated Cyber Defence: A Review [0.0]
Research within Automated Cyber Defence will allow the development and enabling intelligence response by autonomously defending networked systems through sequential decision-making agents.
This article comprehensively elaborates the developments within Automated Cyber Defence through a requirement analysis divided into two sub-areas, namely, automated defence and attack agents and Autonomous Cyber Operation (ACO) Gyms.
The requirement analysis is also used to critique ACO Gyms with an overall aim to develop them for deploying automated agents within real-world networked systems.
arXiv Detail & Related papers (2023-03-08T22:37:50Z) - Monitoring ROS2: from Requirements to Autonomous Robots [58.720142291102135]
This paper provides an overview of a formal approach to generating runtime monitors for autonomous robots from requirements written in a structured natural language.
Our approach integrates the Formal Requirement Elicitation Tool (FRET) with Copilot, a runtime verification framework, through the Ogma integration tool.
arXiv Detail & Related papers (2022-09-28T12:19:13Z) - Automating Privilege Escalation with Deep Reinforcement Learning [71.87228372303453]
In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents.
We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation.
Our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
arXiv Detail & Related papers (2021-10-04T12:20:46Z) - Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications.
We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology.
We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
arXiv Detail & Related papers (2021-06-03T16:45:40Z) - A System for Efficiently Hunting for Cyber Threats in Computer Systems Using Threat Intelligence [78.23170229258162]
We build ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using OSCTI.
ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, and (3) a query synthesis mechanism that automatically synthesizes a TBQL query from the extracted threat behaviors.
arXiv Detail & Related papers (2021-01-17T19:44:09Z) - Enabling Efficient Cyber Threat Hunting With Cyber Threat Intelligence [94.94833077653998]
ThreatRaptor is a system that facilitates threat hunting in computer systems using open-source Cyber Threat Intelligence (OSCTI).
It extracts structured threat behaviors from unstructured OSCTI text and uses a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities.
Evaluations on a broad set of attack cases demonstrate the accuracy and efficiency of ThreatRaptor in practical threat hunting.
arXiv Detail & Related papers (2020-10-26T14:54:01Z)
This list is automatically generated from the titles and abstracts of the papers in this site.