Neurosymbolic Autonomous Agents for Cyber-Defense
Lead PI:
Sandeep Neema
Co-Pi:
Abstract

Autonomous agents for cyber applications need to learn, reason about, and adapt and deploy security rules to defend networked computer systems while maintaining mission-critical operationally relevant workflows. The goal of the project is to develop machine learning methods for design of neurosymbolic cyber-security agents which can react autonomously to cyber-attacks. The agents must be able to mitigate cyber-attacks by deploying mitigations and countermeasures at variable length time intervals, such as detecting cyber-attacks, isolating compromised components, resetting compromised components to known secure states, and switching to failover configurations. Although recent advances in deep machine learning have enabled the design of sophisticated agents for well-defined tasks, orchestrating defensive actions requires the integration of symbolic models with neural components. Agents need information from a very high-dimensional state space such as alerts from intrusion detection systems and sensory data monitoring the status of operational workflows. Heterogeneity in time scales across software and systems introduces significant challenges. Determining an optimal mitigation action requires decisions in the presence of incomplete and noisy information. Further, neurosymbolic models can facilitate effective human-machine interaction improving trust in machine recommendations/actions.

The project will develop a neurosymbolic model representation is referred as Evolving Behavior Trees (EBTs). Specifically, the research objective of the project is to develop (1) methods for learning EBTs, (2) methods for the assurance of EBTs, and (3) evaluating autonomous cyber agents based on EBTs. I

Sandeep Neema

Dr. Sandeep Neema is a Professor of Computer Science at Vanderbilt University since August 2020. He also holds courtesy appointment as Professor of Electrical and Computer Engineering at Vanderbilt University. He was a Program manager at DARPA’s Information Innovation Office (I2O) from July 2016 till September 2022. In his tenure at DARPA he conceived, developed, and managed influential programs at the intersection of Artificial Intelligence and Cyber Physical Systems, that included programs such as Assured Autonomy, Symbiotic Design of Cyber Physical Systems, and Assured Neurosymbolic Learning and Reasoning. His research interests include Cyber Physical Systems, Model-based Design Methodologies, Artificial Intelligence and Machine Learning, and Distributed Real-time Systems. Dr. Neema has authored and co-authored more than 100 peer-reviewed conference, journal publications, and book chapters. Dr. Neema holds a Doctorate in Electrical Engineering and Computer Science from Vanderbilt University, and a Master’s in Electrical Engineering from Utah State University. He earned a Bachelor of Technology degree in Electrical Engineering from the Indian Institute of Technology, New Delhi, India.

Institution: Vanderbilt University
Sponsor: NSA
Project Material