Towards Trustworthy Autonomous Cyber Defense for Dynamic Intrusion Response
Lead PI:
Ehab Al-Shaer

This project proposes transformative research approaches to provide a significant leap toward genuine autonomous cyber defense by enabling playbooks to be dynamically adaptive, predictive, adversary-aware, and trustworthy. Our proposed techniques address the above challenges and enable advancing the science and engineering of the state-of-the-art of intrusion response automation by ambitiously seeking to develop autonomous cyber defense systems that require no or minimal human involvement in the decision-making loop while maximizing effectiveness (i.e., system convergence to a good state) and minimizing the time-to-respond or mitigate. We propose to make cybersecurity autonomous by designing formal models and techniques that can automatically observe, reason, predict, adapt, and act to respond to attacks proactively, providing provable guarantees of safety and convergence.

Ehab Al-Shaer

Dr. Al-Shaer is a Distinguished Research Fellow at Software and Societal Systems Department in the School of Computer Science,  and Faculty Member of CyLab at Carnegie Mellon University. Prof. Al-Shaer was also a Distinguished Career Professor at School of College of Engineering at Carnegie Mellon University. Before joining CMU,  Dr. Al-Shaer was a Professor and the Founding Director of NSF Cybersecurity Analytics and Automation  (CCAA) center in the University of North Carolina Charlotte from 20011-2020.

Dr. Al-Shaer's primary research areas are AI-enabled cybersecurity including automated adaptive response, domain-specific language models for cybersecurity, formal methods for configuration verification and synthesis, active cyber deception, cyber deterrence and network resilience. He published 10 books and more than 250 refereed publications in his area of expertise. Dr. Al-Shaer was designated by the Department of Defense (DoD) as a Subject Matter Expert (SME) on security analytics and automation in 2011. He was also awarded the IBM Faculty Award in 2012, and the UNC Charlotte Faculty Research Award in 2013.

Dr. Al-Shaer was the ARO Autonomous Cyber Deception Workshop in 2018, General Chair of ACM Computer and Communication in 2009 and 2010, NSF Workshop in Assurable and Usable Security Configuration in 2008. Dr. Al-Shaer was also the Program Committee Chair for many conferences and workshops including ACM/IEEE SafeConfig 2013 and 2015, IEEE Integrated Management (IM) 2007, IEEE POLICY 2008. Al-Shaer has two accepted patents and several submitted ones. He also has lead several technology transfer projects. He is also an advisory board member for leading companies in cybersecurity automation. 

Institution: Carnegie Mellon University