Autonomous Intelligent Cyber-defense Agent: Introduction and Overview

Autonomous Intelligent Cyber Defense Agent (AICA)

Part of the book series: Advances in Information Security (ADIS, volume 87)

Abstract

This chapter introduces the concept of Autonomous Intelligent Cyber-defense Agents (AICAs), and briefly explains the importance of this field and the motivation for its emergence. An AICA is a software agent that resides on a system and is responsible for defending the system from cyber compromises and enabling the response and recovery of the system, usually autonomously. The autonomy of the agent is a necessity because of the growing scarcity of human cyber-experts who could defend systems, either remotely or onsite, and because sophisticated malware could degrade or spoof the communications of a system that uses a remote monitoring center. An AICA Reference Architecture has been proposed and defines five main functions: (1) sensing and world state identification, (2) planning and action selection, (3) collaboration and negotiation, (4) action execution, and (5) learning and knowledge improvement. The chapter reviews the details of AICA’s environment, functions and operations. As AICA is intended to make changes within its environment, there is a risk that an agent’s action could harm a friendly computer. This risk must be balanced against the losses that could occur if the agent does not act. The chapter discusses means by which this risk can be managed and how AICA’s design features could help build trust among its users.


Corresponding author

Correspondence to Alexander Kott.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Kott, A. (2023). Autonomous Intelligent Cyber-defense Agent: Introduction and Overview. In: Kott, A. (eds) Autonomous Intelligent Cyber Defense Agent (AICA). Advances in Information Security, vol 87. Springer, Cham. https://doi.org/10.1007/978-3-031-29269-9_1

  • DOI: https://doi.org/10.1007/978-3-031-29269-9_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-29268-2

  • Online ISBN: 978-3-031-29269-9

  • eBook Packages: Computer Science, Computer Science (R0)
