Neurosymbolic Autonomous Agents for Cyber-Defense

Co-Pi:

Abstract

Autonomous agents for cyber applications need to learn, reason about, and adapt and deploy security rules to defend networked computer systems while maintaining mission-critical operationally relevant workflows. The goal of the project is to develop machine learning methods for design of neurosymbolic cyber-security agents which can react autonomously to cyber-attacks. The agents must be able to mitigate cyber-attacks by deploying mitigations and countermeasures at variable length time intervals, such as detecting cyber-attacks, isolating compromised components, resetting compromised components to known secure states, and switching to failover configurations. Although recent advances in deep machine learning have enabled the design of sophisticated agents for well-defined tasks, orchestrating defensive actions requires the integration of symbolic models with neural components. Agents need information from a very high-dimensional state space such as alerts from intrusion detection systems and sensory data monitoring the status of operational workflows. Heterogeneity in time scales across software and systems introduces significant challenges. Determining an optimal mitigation action requires decisions in the presence of incomplete and noisy information. Further, neurosymbolic models can facilitate effective human-machine interaction improving trust in machine recommendations/actions.

The project will develop a neurosymbolic model representation is referred as Evolving Behavior Trees (EBTs). Specifically, the research objective of the project is to develop (1) methods for learning EBTs, (2) methods for the assurance of EBTs, and (3) evaluating autonomous cyber agents based on EBTs. I

Xenofon Koutsoukos

Xenofon Koutsoukos is a Professor of Computer Science, Computer Engineering, and Electrical Engineering in the Department of Electrical Engineering and Computer Science at Vanderbilt University. He is also a Senior Research Scientist in the Institute for Software Integrated Systems (ISIS).

Before joining Vanderbilt, Dr. Koutsoukos was a Member of Research Staff in the Xerox Palo Alto Research Center (PARC) (2000-2002), working in the Embedded Collaborative Computing Area.
He received his Diploma in Electrical and Computer Engineering from the National Technical University of Athens (NTUA), Greece in 1993. Between 1993 and 1995, he joined the National Center for Space Applications, Hellenic Ministry of National Defense, Athens, Greece as a computer engineer in the areas of image processing and remote sensing. He received the Master of Science in Electrical Engineering in January 1998 and the Master of Science in Applied Mathematics in May 1998 both from the University of Notre Dame. He received his PhD in Electrical Engineering working under Professor Panos J. Antsaklis with the group for Interdisciplinary Studies of Intelligent Systems.

His research work is in the area of cyber-physical systems with emphasis on formal methods, distributed algorithms, diagnosis and fault tolerance, and adaptive resource management. He has published numerous journal and conference papers and he is co-inventor of four US patents. He is the recipient of the NSF Career Award in 2004, the Excellence in Teaching Award in 2009 from the Vanderbilt University School of Engineering, and the 2011 Aeronautics Research Mission Directorate (ARMD) Associate Administrator (AA) Award in Technology and Innovation from NASA.

Institution: Vanderbilt University

Sponsor: NSA

Project Material

Reports