Abstract
This chapter introduces the concept of Autonomous Intelligent Cyber-defense Agents (AICAs), and briefly explains the importance of this field and the motivation for its emergence. AICA is a software agent that resides on a system, and is responsible for defending the system from cyber compromises and enabling the response and recovery of the system, usually autonomously. The autonomy of the agent is a necessity because of the growing scarcity of human cyber-experts who could defend systems, either remotely or onsite, and because sophisticated malware could degrade or spoof the communications of a system that uses a remote monitoring center. An AICA Reference Architecture has been proposed and defines five main functions: (1) sensing and world state identification, (2) planning and action selection, (3) collaboration and negotiation, (4) action execution and (5) learning and knowledge improvement. The chapter reviews the details of AICA’s environment, functions and operations. As AICA is intended to make changes within its environment, there is a risk that an agent’s action could harm a friendly computer. This risk must be balanced against the losses that could occur if the agent does not act. The chapter discusses means by which this risk can be managed and how AICA’s design features could help build trust among its users.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kott, A., & Arnold, C. (2013). The promises and challenges of continuous monitoring and risk scoring. IEEE Security and Privacy, 11(1), 90–93.
Kott, A., & Linkov, I. (Eds.). (2019). Cyber resilience of systems and networks. Springer.
Kott, A., & Linkov, I. (2021). To improve cyber resilience, measure it. IEEE Computer, 54(2), 80–85.
Kott, A., & McEneaney, W. M. (2006). Adversarial reasoning: Computational approaches to reading the opponent’s mind. Chapman and Hall/CRC.
Kott, A., & Stump, E. (2019). Intelligent autonomous things on the battlefield. In Artificial intelligence for the internet of everything (pp. 47–65). Academic.
Kott, A., & Théron, P. (2020). Doers, not watchers: Intelligent autonomous agents are a path to cyber resilience. IEEE Security and Privacy, 18(3), 62–66.
Kott, A., Ludwig, J., & Lange, M. (2017). Assessing mission impact of cyberattacks: Toward a model-driven paradigm. IEEE Security and Privacy, 15(5), 65–74.
Kott, A., Théron, P., Drašar, M., Dushku, E., LeBlanc, B., Losiewicz, P., Guarino, A., Mancini, L., Panico, A., Pihelgas, M., & Rzadca, K. (2018). Autonomous intelligent cyber-defense agent (AICA) reference architecture. Release 2.0. arXiv preprint arXiv:1803.10664.
Kott, A., Golan, M. S., Trump, B. D., & Linkov, I. (2021). Cyber resilience: By design or by intervention? Computer, 54(8), 112–117.
Ligo, A. K., Kott, A., & Linkov, I. (2021a). Autonomous cyberdefense introduces risk: Can we manage the risk? Computer, 54(10), 106–110.
Ligo, A. K., Kott, A., & Linkov, I. (2021b). How to measure cyber-resilience of a system with autonomous agents: Approaches and challenges. IEEE Engineering Management Review, 49(2), 89–97.
Linkov, I., Galaitsi, S., Trump, B. D., Keisler, J. M., & Kott, A. (2020). Cybertrust: From explainable to actionable and interpretable artificial intelligence. Computer, 53(9), 91–96.
Muttik, I. (2016). Good viruses. Evaluating the risks. Talk at DEFCON-2016 Conference. https://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-muttik.pdf
Théron, P., Kott, A., Drašar, M., Rzadca, K., LeBlanc, B., Pihelgas, M., Mancini, L., & Panico, A. (2018). Towards an active, autonomous and intelligent cyber defense of military systems: The NATO AICA reference architecture. In 2018 international conference on military communications and information systems (ICMCIS) (pp. 1–9). IEEE.
Théron, P., Kott, A., Drašar, M., Rzadca, K., LeBlanc, B., Pihelgas, M., Mancini, L., & de Gaspari, F. (2020). Reference architecture of an autonomous agent for cyber defense of complex military systems. In Adaptive autonomous secure cyber systems (pp. 1–21). Springer.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Kott, A. (2023). Autonomous Intelligent Cyber-defense Agent: Introduction and Overview. In: Kott, A. (eds) Autonomous Intelligent Cyber Defense Agent (AICA). Advances in Information Security, vol 87. Springer, Cham. https://doi.org/10.1007/978-3-031-29269-9_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-29269-9_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-29268-2
Online ISBN: 978-3-031-29269-9
eBook Packages: Computer ScienceComputer Science (R0)