Research Team Status

• Names of researchers and position 
  (e.g. Research Scientist, PostDoc, Student (Undergrad/Masters/PhD))
  • Xenofon Koutsoukos – PI
  • Sandeep Neema – co-PI
  • Gabor Karsai – co-PI
  • Ankita Samaddar- Postdoctoral Scholar
  • Robert Canady - Postdoctoral Scholar
  • Nicholas Potteiger – PhD student
  • Noah Dahle - PhD student
     
• Any new collaborations with other universities/researchers?
  • Collaboration with the DARPA CASTLE project at Vanderbilt and University of Virginia for evaluation of the neurosymbolic cyber-agents using a realistic emulation testbed.

Project Goals

• What is the current project goal?
  • Design robust cyber-defense agents using evolving behavior trees (EBTs).
  • Develop runtime assurance methods for determining the confidence of EBT-agent actions. 
  • Evaluate the EBT-based agents in computer network defense scenarios based in the CybORG simulation environment and in the Vanderbilt emulation testbed developed under the DARPA CASTLE.

Evaluate the EBT-based agents in computer network defense scenarios based in the CybORG simulation environment and in the Vanderbilt emulation testbed developed under the DARPA CASTLE.
 

• How does the current goal factor into the long-term goal of the project?
  • The current goals address the development of the agent architecture including the required learning methods, runtime assurance, and demonstration and evaluation which are the main tasks of the year 1 base period.

Accomplishments

• Address whether project milestones were met. If milestones were not met, explain why, and what are the next steps.
  • Project milestones are met with respect to both the agent architecture and the demonstration/evaluation. In summary, we developed and demonstrated an approach to design autonomous cyber defense agents using behavior trees with learning-enabled components, which we refer to as Evolving Behavior Trees (EBTs). 
  • The initial phase of runtime assurance methods for out-of-distribution detection and generalization was completed and demonstrated highlighting the differences between the CybOrg simulator and the Vanderbilt emulation testbed developed under the DARPA CASTLE program for CAGE Challenge 2.
     
• What is the contribution to foundational cybersecurity research? Was there something discovered or confirmed?
  • Our results demonstrate that neuro-symbolic models are robust to adaptive cyber-attacks and can provide high-level explanations for interpreting its decisions and actions.
     
• Impact of research
  • Internal to the university (coursework/curriculum)
  • External to the university (transition to industry/government (local/federal); patents, start-ups, software, etc.)
    • The neurosymbolic cyber-defense agents are evaluated using the emulation testbed developed at Vanderbilt under the DARPA CASTLE program. The impact of this research is beneficial not only for improving the design of the cyber-agents but also for validation of the emulation testbed.
  • Any acknowledgements, awards, or references in media?

Publications and presentations

• Add publication reference in the publications section below. An authors copy or final should be added in the report file(s) section. This is for NSA's review only.

   

• Optionally, upload technical presentation slides that may go into greater detail. For NSA's review only.