Abstract
We propose that cognitive models will help advance autonomous cyber defense. Congitive models, in contrast to many other sophisticated approaches, such as machine learning models, have the ability to represent human actions, account for human cognitive constraints, and make more accurate predictions of the decisions a human would make. The success of cyber defense largely depends on the ability to predict the attacker’s actions, and expert cyber defenders acquire such an ability through experience. We propose a cognitive model of a cyber defender and demonstrate the model’s predictions in a simple but realistic scenario against two types of attack strategies and under various conditions of noise and feedback frequency regarding the attacker’s actions. The results of the simulations illustrate the expected impact on defense losses when attackers are more knowledgeable,fast, and directed in their attacks compared to when an attacker meanders around; results show how losses increase in the presence of normal activity and how a defender can benefit from receiving feedback less often to reduce losses. We discuss the implications of these results for the future of autonomous cyber defense.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
