Abstract
Despite the significant attention being given to the critical problems of cyber security, the ability to keep up with the increasing volume and sophistication of network attacks is seriously lagging. Throwing more computing horsepower at fundamentally-limited visualization and analytic approaches will not get us anywhere. Instead, we need to seriously rethink the way cyber security tools and approaches have been conceived, developed, and deployed. IHMC is taking advantage of the combined strengths of humans and software agents to create new capabilities for Network Operations Centers (NOCs). These capabilities are being implemented in a new cyber defense framework called Sol. Our objective is to enable distributed sensemaking, rapid detection of threats, and effective protection of critical resources. Specifically, we use agents, policies, and visualization to enact coactive emergence as a sensemaking strategy for taskwork and teamwork, and we implement capabilities for organic resilience and semantically-rich policy governance as a means of assuring effective and adaptive human-agent team response. IHMC has applied its long years of experience with software agents to the design of a new agent framework called Luna. Luna agents function both as interactive assistants to analysts and as continuously-running background aids to data processing and knowledge discovery. Luna agents achieve much of their power through built-in teamwork capabilities that, in conjunction with IHMC's KAoS policy services framework, allow them to be proactive, collaborative, observable, and directable. In order to support dynamic scalability and other features of the Sol framework, the Luna platform supports the policy-governed option of allowing the state of agents (vs. code of agents) to migrate between operating environments and hosts. 
We believe that the approach to cyber defense embodied in Sol is equally relevant to applications of distributed sensemaking for other kinds of complex high-tempo tasks such as real-time disease control or disaster management.