Army Research Laboratory
Friday, March 13, 2020
Cyber resilience usually refers to the ability of an entity to detect, respond to, and recover from cybersecurity attacks to the extent that the entity can continuously deliver the intended outcome despite their presence. Cybersecurity tools such as intrusion detection and prevention systems usually generate far too many alerts, indicators, or log data, many of which do not have obvious security implications unless their correlations and temporal causality relationships are determined. In this talk, I will present methods to first estimate the infected and exploited assets and then take recovery and preventive actions using autonomous agents, deep learning, and graphs. Autonomous adversary and defender agents are designed such that the adversary agent can infer the adversary activities and intentions, based on cybersecurity observations and measurements, while the defender agent aims at estimating the best reactive and pro-active actions to protect assets and mitigate the adversary activities. The graph thinking and causality analysis of cyber infection and exploitation help predict the infection states of some assets. This prediction data of infections are taken as input data by deep reinforcement learning to train agents for determining effective actions. This talk will discuss some preliminary results from the development of building an automated system of autonomous agents to provide cyber resiliency over networks.
About the Speaker:
Hasan Cam is a Computer Scientist at US Army Research Laboratory. He currently works on projects involved with autonomous agents, active malware defense, cyber resiliency, and risk assessment over wired, mobile, and tactical networks. His research interests include cybersecurity, machine learning, data analytics, networks, algorithms, and parallel processing. He served as the government lead for the Risk area in Cyber Collaborative Research Alliance. He has previously worked as a faculty member in academia and a senior research scientist in the industry.
He has served as an editorial member of two journals, a guest editor of two special issues of journals, an organizer of symposiums and workshops, and a Technical Program Committee Member in numerous conferences. He received the Ph.D. degree in electrical and computer engineering from Purdue University, and an M.S. degree in computer science from Polytechnic University, New York. He is a Senior Member of IEEE.
Alan T. Sherman, email@example.com
Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681.