Warning and management of cyber threats by a hybrid AI system (robot and operator) |
---|
This paper presents a warning system and risk management model, in which early signals of cyber threats are generated using machine learning and artificial intelligence to support the defender’s decisions. Cyber threats and attacks are modeled as a set of discrete observable steps in the “kill chain”. A hybrid AI system (a “super-agent” including a robot and human being) allows the robot, when it has acquired sufficient information, to make automatic defensive responses before losses occur. The quantitative model that supports these decisions is based on machine learning and decision analysis. The model allows the robot to call on the operator (“person in the loop”) when the situation requires it. This overall model guides decisions to open or close gates in a system, based on attack and behavior signals at the beginning of the kill chain. |
Professor of Management and Engineering at Stanford. Teaching and research in engineering risk analysis. Member of the National Academy of Engineering. Co-chair of NASEM committee on risk analysis methods for nuclear weapons and terrorism. 2021 IEEE Ramo medal in systems engineering and science.