Towards Autonomous Cyber Defense: Predictions from a cognitive model
Event Type
TimeWednesday, October 12th4:30pm - 5:30pm EDT
LocationPoster Gallery
DescriptionTo advance defense automation, research suggests the use of cognitive models, which have the capability of accounting for human cognitive constraints, representing, tracing and predicting human actions. The success of cyber defense largely depends on the ability to predict the attacker's actions through experience. In this research, we present a cognitive model of cyber defense and demonstrate the model's predictions in a scenario against two types of attack strategies and under various conditions of noise and feedback frequency regarding the attacker's actions. Results illustrate the expected impact on defense losses when attackers are more knowledgeable and directed in their attacks compared to when an attacker meanders around; results show how losses increase under the presence of normal activity and how a defender can benefit from not knowing information too frequently to reduce losses. We discuss the implications of these results for the future of autonomous cyber defense.