Probalogical Hybrid Defense (PHD): A new approach to automated reasoning and its application to cyber defense

Abstract

The PROBALOGICAL HYBRID DEFENSE (PHD) research will begin with a preliminary design for a PHD-based network intrusion system incorporating a multiplicity of interconnected logical and statistical reasoning components. They will then segue to a design they call EVOLVABLE COOPERATIVE LEARNING INTRUSION PREVENTION SYSTEM ELEMENTS (ECLIPSE) that is focused on knowledge transfer amongst independent reasoners with distinct knowledge bases and representations that nonetheless operate cooperatively. ECLIPSE naturally incorporates policy control as directed knowledge transfer. ECLIPSE is also focused on cyberdefense but can be seen as extending the reach of the PHD elements to decentralized defense. Their ultimate design is SCALABLE KNOWLEDGE-BASED INTRUSION PREVENTION AND PROTECTION EMPLOYING REASONING (SKIPPER) which incorporates reputations and is intended to extend our learning and reasoning ideas to world scales. Objective: The PIs will investigate and develop and lay the scientific foundations for a unification of statistical and formal automated reasoning systems, applied to the domain of cyberdefense. They called the overall effort PROBALOGICAL HYBRID DEFENSE (PHD). Approach: The rapid evolution of cyberthreats as well as increasingly complex demands on automated systems have forced undesirable choices in designs, such as selecting between responsiveness and accuracy. Recent advances in both statistical machine learning and traditional logic (as exemplified by machine reasoning systems) suggest an exciting new research direction, where a set of classifications useful for quick intuitive (“gut”) reactions is maintained and constantly refined, while powerful logic-based automated reasoning tools maintain consistency and model the world (including planning for future actions). Such a probabilistic / symbolic logic hybrid (they have coined the term “probalogical” for this concept) can always react rapidly, but with ever-improving quality as classifications and the symbolic knowledge base are updated. As demonstration examples, they will design and implement two experimental proof of concept applications of probalogical reasoning in the domain of cyberdefense (PROBALOGICAL HYBRID DEFENSE, or PHD), specifically EVOLVABLE COOPERATIVE LEARNING INTRUSION PREVENTION SYSTEM ELEMENTS (ECLIPSE) and SCALABLE KNOWLEDGE-BASED INTRUSION PREVENTION Overall Merit and ONR Mission/Relevance: The proposed research main objective to develop the scientific foundation for synergistic composition of formal and statistical reasoning instances explores new frontier in artificial intelligence, significantly beyond the integration of uncertainty/probability within rulebase/knowledgebase, such as Markov Logic Network, Bayesian Logic, etc. The validation application they chose; adaptive and autonomous intrusion prevention systems (ECLIPSE & SKIPPER), utilizing the new paradigm of synergistic collaboration of statistical and formal reasoning, are expected to provides automation and adaptive autonomy, capable of eclipsing network-attack directed to it, with minimal operator involvement. The validation applications develop within this research project: network intrusion prevention systems (NIPS) called ECLIPSE and SKIPPER, are expected to be adaptive and autonomous, beyond the capability and intelligent of any NIPS currently exist. When further matures within our 6.2 program, these systems can significantly enhanced the security of Navy’s networking infrastructure. The security of Navy’s networking infrastructure is essential to the success of Navy missions.

Document Details

Document Type

DoD Grant Award

Publication Date

Aug 12, 2016

Source ID

N000141512006

Entities

Tags