Abstract
Semi-autonomous cyber security (“cyber") operations require effective communication between a human operator and the underlying cyber systems that carry out the mission. We show a goal-driven approach to specifying mission objectives of such systems, where the system has controlled autonomy to refine the goals into executable plans. An ontology aligns goal decomposition and data representation with human-level concepts, and probabilistic extensions of Belief-Desire-Intention (BDI) agent architectures allow dealing with uncertainty about the agent’s state and the effects of its actions. Our framework effectively automates parts of cyber operations while conveying the state of operations to a human operator. A case study from the cyber operations domain demonstrates that this approach can outperform the traditional BDI agent approach while requiring minimal additional information by the agent programmer.
This research was supported by the Australian Government via the Defence-funded Next Generation Technology Fund (NGTF) in collaboration with Data61, University of South Australia, The University of Adelaide, and the University of Wollongong.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Denis, M., Zena, C., Hayajneh, T.: Penetration testing: concepts, attack methods, and defense strategies. In: 2016 IEEE Long Island Systems, Applications and Technology Conference (LISAT), pp. 1–6. IEEE (2016)
Hoffmann, J.: Simulated penetration testing: from “Dijkstra" to “Turing Test++". In: Proceedings of ICAPS, pp. 364–372 (2015)
Islam, C., Babar, M.A., Nepal, S.: Automated interpretation and integration of security tools using semantic knowledge. In: Proceedings of CAiSE 2019, pp. 513–528 (2019)
Miller, D., Alford, R., Applebaum, A., Foster, H., Little, C., Strom, B.: Automated adversary emulation: a case for planning and acting with unknowns p. 9 (2018)
Nguyen, H.V., Teerakanok, S., Inomata, A., Uehara, T.: The proposal of double agent architecture using actor-critic algorithm for penetration testing. In: ICISSP, pp. 440–449 (2021)
Randhawa, S., Turnbull, B., Yuen, J., Dean, J.: Mission-centric automated cyber red teaming. In: Proceedings of 13th International Conference on Availability, Reliability and Security, pp. 1–11 (2018)
Rao, A.S., Georgeff, M.P., et al.: BDI agents: from theory to practice. In: Proceedings of ICMAS, pp. 312–319 (1995)
Sikos, L.F., Philp, D., Howard, C., Voigt, S., Stumptner, M., Mayer, W.: Knowledge representation of network semantics for reasoning-powered cyber-situational awareness. In: Sikos, L.F. (ed.) AI in Cybersecurity. ISRL, vol. 151, pp. 19–45. Springer, Cham (2019). https://doi.org/10.1007/978-3-319-98842-9_2
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Dawoud, A. et al. (2023). A Goal-Driven Approach to Support Decision-Making with Incomplete Information in Cyber Operations. In: Cabanillas, C., Pérez, F. (eds) Intelligent Information Systems. CAiSE 2023. Lecture Notes in Business Information Processing, vol 477. Springer, Cham. https://doi.org/10.1007/978-3-031-34674-3_10
Download citation
DOI: https://doi.org/10.1007/978-3-031-34674-3_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-34673-6
Online ISBN: 978-3-031-34674-3
eBook Packages: Computer ScienceComputer Science (R0)