Authors:
Fusun Yaman
1
;
Thomas Eskridge
2
;
Aaron Adler
1
;
Michael Atighetchi
1
;
Borislava I. Simidchieva
1
;
Sarah Jeter
1
;
Jennifer Cassetti
3
and
Jeffrey DeMatteis
3
Affiliations:
1
Raytheon BBN Technologies, Cambridge, MA, U.S.A.
;
2
Florida Institute of Technology, Melbourne, FL, U.S.A.
;
3
Air Force Research Lab, Rome, NY, U.S.A.
Keyword(s):
Grammar Inference, Workflow Learning, Automation, Autonomous Cyber Resiliency, Ontology, Cyber Protection, User Study.
Abstract:
Cyber defenders need automation tools that are intuitive, trustworthy, non-intrusive, and reusable. The Behavior-extracting Autonomous Resiliency Toolkit (BART) is such a tool. Its architecture combines existing results and AI techniques including workflow learning, mutli-agent frameworks, knowledge representation, and inference. A user study demonstrates that BART significantly shortens the required time to execute a cyber defense. The study also revealed three types of errors that an automated tool such as BART could prevent: typographical/syntax, procedural, and “hidden.” We also describe an emerging application of BART.