RSA-DC: Building Robust and Self-Adaptive Defense Capability in Cyber Systems

Principal Investigator: 
Songqing Chen, professor, computer science, George Mason University.

Co-Principal Investigator: 
Qun Li, professor, computer science, College of William and Mary

Project Description: 
Most of our services today, ranging from the entertainment to the military, rely on various cyberinfrastructures. As such, attacks targeting cyberinfrastructures, and the corresponding damage and loss caused, keep increasing. While continuous efforts are being made to defend against such attacks, the arms race between attackers and defenders is getting more and more intensive. Most defenses are still mostly static. The efficiency and effectiveness of such defense systems are often heavily relying on the operator and domain experts and their knowledge and experience. Therefore, such systems often cannot keep pace with the attackers. This project proposes to build a RSA-DC, a framework that builds robust and self-adaptive defense capability for existing cyber systems. RSA-DC is built on top of the latest network technology and machine learning and AI techniques. To achieve this goal, the researchers plan to first leverage the software defined networking (SDN) and programmable data planes to achieve low overhead network event collector. Second, to minimize the delay and errors introduced by manual operations of operators, they propose to build a bias learning based dual reinforcement learning model to automate the operation of the systems based on the collected events. Such a model can self-adapt to the monitored events by guiding the operations of the defense system automatically. The researchers plan to build a prototype on cloud data center networks. Note RSA-DC does not exclude experts’ experience and domain knowledge. Instead, it aims to utilize such important knowledge more effectively in an automatic and self-adaptive manner.