AI Institute for Agent-based Cyber Threat Intelligence and Operation

基于代理的网络威胁情报和运营人工智能研究所

• 批准号: 2229876
• 负责人: Giovanni Vigna
• 金额: $ 1999.42万
• 依托单位: University of California-Santa Barbara
• 依托单位国家: 美国
• 项目类别: Cooperative Agreement
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-06-01 至 2028-05-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2229876&HistoricalAwards=false
• 关键词: AI; Institute; Agent; based; Cyber

Computer systems are increasingly central to national infrastructure in the financial, medical, manufacturing, defense, and other domains. This infrastructure is at risk from sophisticated cyber-adversaries backed by powerful nation-states, whose capabilities rapidly evolve, demanding equally rapid responses. This calls for advances in artificial intelligence and autonomous reasoning that are tightly integrated with advanced security techniques to identify and correct vulnerabilities, detect threats and attribute them to adversaries, and mitigate and recover from attacks. The ACTION Institute will develop novel approaches that leverage artificial intelligence–informed by and working with experts in security operations–to perform security tasks rapidly and at scale, anticipating the moves of an adversary and taking corrective actions to protect the security of computer networks as well as people’s safety. The Institute will function as a nexus for the AI and cybersecurity communities, and its research efforts will be complemented by innovation in education from K-12 to postdoctoral students, the development of new tools for workforce development, and the creation of new opportunities for collaboration among the Institute’s organizations and with external industry partners. The AI Institute will initiate a revolutionary approach to cybersecurity, in which AI-enabled intelligent security agents cooperate with humans across the cyber-defense life cycle to jointly improve the security posture of complex computer systems over time. Intelligent security agents will follow a new paradigm of continuous, lifelong learning both autonomously and in collaboration with human experts, supported by a shared knowledge bank and an integrated AI stack that provides novel fundamental primitives for (1) reasoning and learning that incorporates domain knowledge, (2) human-agent interaction, (3) multi-agent collaboration, and (4) strategic gaming and tactical planning. Over time, these intelligent security agents will improve their domain knowledge, becoming increasingly robust and effective in the face of changes in the adversaries’ modes of operation, composing defense strategies and tactical plans in the presence of uncertainty, collaborating with each other and with humans for mutually complementary teaming, and adapting to unfamiliar and novel attacks.The Department of Homeland Security and IBM are partnering with NSF to provide funding for this Institute.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

计算机系统在金融、医疗、制造、国防和其他领域的国家基础设施中越来越重要。这一基础设施面临着强大民族国家支持的复杂网络对手的风险，这些国家的能力迅速发展，需要同样迅速的反应。这就需要人工智能和自主推理的进步，与先进的安全技术紧密结合，以识别和纠正漏洞，检测威胁并将其归因于对手，以及减轻攻击并从攻击中恢复。行动研究所将开发新的方法，利用人工智能-由安全操作专家提供信息并与之合作-快速大规模执行安全任务，预测对手的行动并采取纠正措施以保护计算机网络的安全以及人们的安全。该研究所将作为人工智能和网络安全社区的联系纽带，其研究工作将得到从K-12到博士后学生的教育创新，劳动力发展新工具的开发以及为研究所组织之间以及与外部行业合作伙伴之间的合作创造新机会的补充。人工智能研究所将启动一种革命性的网络安全方法，其中支持人工智能的智能安全代理在整个网络防御生命周期中与人类合作，随着时间的推移共同改善复杂计算机系统的安全态势。智能安全代理将遵循一种新的模式，即自主地并与人类专家合作进行持续的终身学习，由共享知识库和集成的AI堆栈提供支持，该堆栈为（1）结合领域知识的推理和学习，（2）人机交互，（3）多代理协作，以及（4）战略游戏和战术规划提供了新的基本原语。随着时间的推移，这些智能安全代理将提高他们的领域知识，在面对对手的操作模式变化时变得越来越强大和有效，在存在不确定性的情况下制定防御战略和战术计划，相互合作并与人类进行互补合作，并适应不熟悉和新颖的攻击。国土安全部和IBM正在与NSF合作，为该研究所提供资金。该奖项反映了NSF的法定使命，并被认为是值得的通过使用基金会的知识价值和更广泛的影响审查标准进行评估，