Artificial Intelligence to Simulate Cybersecurity Red Team

Description:

TECHNOLOGY AREA(S): Info Systems 

OBJECTIVE: Design, develop and demonstrate an innovative artificial intelligence system to simulate a Cybersecurity red team. 

DESCRIPTION: The government is interested in innovative approaches for simulating Cybersecurity attacks to train missile defense network defenders. Traditionally, this is done using either canned scenarios or human-in-the-loop training events. Canned scenarios provide limited realism for training while human-in-the-loop events are cost prohibitive. Turning training into a "game" with rewards would incentivize the user to train more frequently to maintain top skill levels. An innovative approach to solve this problem may be an artificial intelligence system that could adapt its attacks real-time based on the trainee responses. For example, a highly trained neural network that could adapt to the trainee’s input with ever-increasing and adapting attack vectors could be one approach to solve this problem. Using a fuzzy logic rule based system might be another approach. 

PHASE I: Develop and demonstrate a gaming concept for training a user to defend a network against multiple threats of varying types and capabilities. The concept should provide feedback to the game participant in a quantitatively measurable format. It should also provide the capability to compare these “scores” based on the participant’s alternatives or courses of action. 

PHASE II: Refine and update the concept(s) based on Phase I results, and demonstrate the impacts of more advanced network attacks with increasing levels of realism. Demonstrate how the gaming concepts improve the operator’s ability to quickly plan for rapid attack vector changes. The government may provide a test bed at no cost, if the developer wishes to utilize the facility for high fidelity testing. 

PHASE III: Demonstrate the new technologies via operation as part of a complete system or operation in a system-level test bed to allow for testing and evaluation in realistic scenarios. Pursue commercialization of the various technologies and optimization components developed in Phase II for potential commercial and military uses. Transition technologies to relevant government elements directly or through vendors. 

REFERENCES: 

1: A. Nagarajan, J. M. Allbeck, A. Sood and T. L. Janssen. 2012. "Exploring game design for cybersecurity training." 2012 IEEE International Conference on Cyber Technology in Automation, Control, and Intelligent Systems (CYBER). 256-262.

2:  D. Nicholson, et al. 2016. "Tailored Cybersecurity Training in LVC Environments." MODSIM World Conference, Virginia Beach, VA.

KEYWORDS: Gaming, Network Defense, Cybersecurity 

CONTACT(S): 

Megan Burton 

(256) 450-5325 

megan.burton@mda.mil 

US Flag An Official Website of the United States Government