Warnings and Management of Cyber Attacks and the Role of Artificial Intelligence
The threat of cyber attacks can be addressed first by acquiring some knowledge about the potential attackers. Our study thus started by installing 18 "honeypots" that attracted a good number of "visitors" and revealed some of their characteristics. The model is then based on observation and response to the steps of the "kill chain", which are the steps of an attack, and the defender's ability to manage these "gates", i.e., close or open à path in the system based on the probability that the potential actor is indeed an adversary (as opposed to a legitimate visitor). The decision to close or open the gates and interrupt the progression of the visitor in the system is made by a hybrid decision maker. First a "robot" is fed by an AI system constantly updated by Machine Learning, and can manage these decisions provided that the uncertainties and the consequences of an error are not too large. Second, a human operator who has more perspective can make these more difficult decisions, while teaching the robot how to handle them. The result is a "gate policy" that accounts for the uncertainties that remain about each "visitor" and maximizes the expected utility of the organization when making these risk management decision.
Dr. Marie-Elisabeth Paté-Cornell is the Burt and Deedee McMurtry Professor in the School of Engineering and a Senior Fellow (by courtesy) of the Stanford Freeman-Spogli Institute for International Studies. Her specialty is engineering risk analysis, with applications to complex systems (space, medical, offshore oil platforms, cyber security, etc.). Her work has been based on probabilistic and stochastic models and on Artificial Intelligence. She is a member of the National Academy of Engineering, the French Académie des Technologies, the NASA Advisory Council, and a Distinguished Visiting Scientist of the Jet Propulsion Lab. She was a member of the President’s Foreign Intelligence Advisory Board (2001 to 2008). She holds a BS in Mathematics and Physics, Marseille (France), an Engineering degree (Applied Math/CS) from the Institut Polytechnique de Grenoble (France), an MS in Operations Research (OR) and a PhD in Engineering-Economic Systems (EES), both from Stanford University. She is the author or coauthor of numerous publications including several Best Paper awards. She was awarded the 2002 Distinguished Achievement Award of the Society for Risk Analysis (of which she is a Fellow), the INFORMS Ramsey Medal of Decision Analysis (2010), an Honorary PhD from the University of Strathclyde (2016), and the IEEE Ramo medal for Systems Engineering and Science in 2021.