Cyber security is defined by the presence of intelligent, adaptive adversaries. Defenders engage in an arms race with attackers as both sides take turns crafting new responses to each other’s actions. This adversarial pattern is repeated in multiple cyber domains and occurs at multiple time scales, ranging from capture-the-flag exercises to the decades-running "War in Memory" in C/C++. Defenses are largely reactive: each new attack typically requires identification, human response, and design intervention to prevent it, a paradigm that cannot handle the scale, severity and adaptive strategy of forthcoming threats. There is growing recognition of the need to develop autonomous, proactive cyber defenses that are anticipatory and adaptable to counter attacks. The STEALTH CyberSecurity project:
  • How to model and simulate a network and mission given some assumptions
  • How to design the controller behavior of distributed defensive nodes and attackers so they can both robustly handle moving target attacks, e.g. extreme DDoS
  • How to design deceptive behavior, i.e. both adversaries want their opponent to believe that they are succeeding.
  • How we will analyze the controller after experimentation. Creating controllers using AI planning requires a priori assumptions about the intent and competence of the adversary and about the willingness to consume resources.
  • Draws upon adversarial coevolutionary design concepts developed for the STEALTH project.

This project is supported by DARPA, MIT Lincoln Labs and cybersecurity@csail grants.