Towards an AI-powered Player in Cyber Defence Exercises
Abstract
Cyber attacks are becoming increasingly frequent, sophisticated, and stealthy. This makes it harder for cyber defence teams to keep up, forcing them to automate their defence capabilities in order to improve their reactivity and efficiency. Therefore, we propose a fully automated cyber defence framework that no longer needs support from humans to detect and mitigate attacks within a complex infrastructure. We design our framework based on a real-world case-Locked Shields-the world’s largest cyber defence exercise. In this exercise, teams have to defend their networked infrastructure against attacks, while maintaining operational services for their users. Our framework architecture connects various cyber sensors with network, device, application, and user actuators through an artificial intelligence (AI)-powered automated team in order to dynamically secure the cyber environment. To the best of our knowledge, our framework is the first attempt towards a fully automated cyber defence team that aims at protecting complex environments from sophisticated attacks.
People
BibTex
@inproceedings{meier2021towards,
author = {Meier, Roland and Lavrenovs, Art{\={u}}rs and Hein{\"{a}}aro, Kimmo and Gambazzi, Luca and Lenders, Vincent},
title = {{Towards an AI-powered Player in Cyber Defence Exercises}},
booktitle = {2021 13th International Conference on Cyber Conflict (CyCon)},
address = {Tallinn, Estonia},
year = 2021,
month = may,
publisher = {IEEE},
doi = {10.23919/CYCON51939.2021.9467801},
url = {https://doi.org/10.23919/CyCon51939.2021.9467801}
}Research Collection: 20.500.11850/501796