Cyber Diversity Index for Sustainable Self-Control of Machines

Abstract

Advanced and autonomous defence systems are needed to detect and mitigate new cyber attacks that target emerging technologies. This research defines cybersecurity preliminaries and stimulates questions to expose the complexities of automation and autonomous cybersecurity. A concept of autonomous anomaly management is introduced, where anomalies are defined not just as anomalous human readable strings, but as “unknown changes” and the need to better manage changes that can not be easily explained. Cybernetic principles are explored, and experiments are undertaken for quantitative analysis. Biodiversity Indices that compare relationships between species and communities in ecology are applied to cybernetic environments, to compare dynamic relationships between business applications. The proposed Cyber Diversity Index applies to all software-driven systems and environments. Changes of application's system calls are measured in real-time and monitored for unknown diversity changes, or “the anomaly,” when the system is placed under a zero-day attack. Experimental data is collected from continuous sampling of applications' activity states, which contributes to both the behavioral change profiles and the dynamic normal baselines for the autonomous anomaly management. The findings in this research show that it is possible to define unique system entropic behaviors from applications' activity that is triggered from internal or external stimulus.