Autonomic Cyber Resilience
Location: Hawthorn, Melbourne, VIC
Duration: 5-6 months
Proposed start date: January 2019
Keywords: Computer Science, Software Engineering, Algorithm Development, Machine Learning, Artificial Intelligence
Please note: This internship has an assigned Academic Mentor from Swinburne University of Technology. This internship is exclusive to PhD students at Victorian Universities. Any applicants not meeting this requirement will automatically be deemed ineligible for this project.
Autonomous cyber defence is a relatively recent security approach building on existing work from the last two decades in intrusion detection, vulnerability analysis, AI, and other areas. A core feature of an autonomous cyber defence system is its ability to automatically manage and adapt its own functionality in a decentralised fashion as a result of internal (systemic) and external (environmental) changes, and to maintain its functionality in the face of adverse circumstances. This feature can be realised via distributed self-management.
Swinburne University of Technology is working with Defence Science and Technology (DST) Group and CSIRO’s Data61 on a Next Generation Technologies collaborative research project, “Autonomic Computing for Resilient Cyber Operations in Contested Environments”, which aims to develop comprehensive solutions for distributed self-management in the context of autonomous cyber defence (with potentially broader applicability to IoT and Cloud-based enterprise scenarios), with a specific focus on self-* properties for system deployment, configuration and reliability. The project involves addressing critical problems for self-management pertaining to decentralised coordination, knowledge management and decision-making; synchronisation and state management; policy-based frameworks and formal languages; higher-order optimality, including self-improvement; and evaluation/self-evaluation techniques based on the modelling and quantification of cyber resilience – among others. Thus far, the project has developed an initial version of the AWaRE framework and a supporting AWaRE Domain-Specific Language for enabling self-management using constraint models and autonomous agents.
Research to be Conducted
The research conducted by the intern will address one of the problem areas of the project, to be agreed based on the expertise/interests of the intern and research priorities, with some examples being:
- Handling failure of management elements – develop an approach for improved fault-tolerance of self-managing systems by maintaining “managing sub-system” capabilities even when some of the self-* management elements are compromised. One way to achieve this is through leader election and coordination, including multi-agent coordination algorithms.
- Conflict resolution between self-* management elements – develop a conflict resolution approach through inter-self-* manager negotiation. This can refer to the self-* manager negotiation relating to a particular self-* property or between different self-* properties.
- Automated problem decomposition – incorporate support for automated problem decomposition and sub-problem to agent assignment. The goal of this would be to automatically determine a suitable problem structure and/or agent architecture model from within the AWaRE Domain-Specific Language, which in turn could help to support self-organization.
- Conflict resolution in specifications and other DSL extensions – While the AWaRE DSL supports manual specification of problem decomposition and mapping of sub-problems to agents, there is no support for detecting incompatible assignments. This requires extensions to support conflict detection and resolution. Further extensions to the AWaRE DSL could incorporate additional information into specified models, such as historical behaviours, time constraints and others; to create security-specific constructs; and to construct dynamic generation/transformation mechanisms between different types of models or models with different levels of detail.
- Combining reactive and deliberative planning – Currently, AWaRE supports reactive planning, i.e., reconfiguration is realized through the selection of predefined local plans based on ECA (Event-Condition-Action) rules. An improvement to this would be to combine goal-oriented planning with reactive planning, and to explore additional distributed planning or decision-making algorithms.
- Developing approaches for self-improvement – In the context of self-adaptive systems, self-improvement refers to the ability to evolve the system’s adaptation mechanisms over time. A solution to this problem could consider applications of machine learning on historical systems states and actions, as well as to predict near-future states or actions.
- Candidate must be completing a PhD degree in Computer Science, Software Engineering or other relevant field
- Demonstrated knowledge and experience in one or more of the following areas: Autonomic/Self-Adaptive Computing, Artificial Intelligence, Multi-Agent Systems, Machine Learning, Distributed Computing, Software Engineering, Cyber Security.
- Proven ability to carry out innovative research
- Self-management and independent learning, including time management
- Collaboration with other researchers and software engineers in a multi-organisation, R&D team environment.
- Excellent communication, technical reporting and scientific writing skills
It is expected that an intern with the appropriate expertise will be able to further extend AWaRE in one or more of the problem areas of the project, contributing ideas, algorithms and implementations for realising distributed self-management.
The Intern will be expected to:
- Define and document the relevant problems and sub-problems under investigation, develop concepts and solutions for these problems, and (where appropriate) design and prototype suitable algorithms or software implementations, either stand-alone or as part of the AWaRE framework.
- Evaluate and validate the developed concepts, algorithms and prototypes, and document analysis of the results.
- Author or co-author a scientific paper or report summarising the outcomes of the internship.
The intern will receive $3,000 per month of the internship, usually in the form of stipend payments.
It is expected that the intern will primarily undertake this research project during regular business hours, spending at least 80% of their time on-site with the industry partner. The intern will be expected to maintain contact with their academic mentor throughout the internship either through face-to-face or phone meetings as appropriate.
The intern and their academic mentor will have the opportunity to negotiate the project’s scope, milestones and timeline during the project planning stage.
30 January 2019
INT – 0554