Agent-based modeling framework for adaptive cyber defence of the Internet of Things

Abstract

The adoption of the Internet of Things (IoT) continues to increase significantly, introducing unique challenges and threats to cybersecurity. In parallel, adaptive and autonomous cyber defence has become an emerging research topic leveraging Artificial Intelligence for cybersecurity solutions that can learn to recognize, mitigate, and respond to cyber attacks, and evolve over time as the threat surface continues to increase in complexity. This paradigm presents an environment strongly conducive to agent-based systems, which offer a model for autonomous, cooperative, goal-oriented behaviours which can be applied to perform adaptive cyber defence activities. This thesis aims to bridge the gap between theoretical multi-agent systems research and cybersecurity domain knowledge by presenting a novel applied framework for adaptive cyber defence that can address a wide range of challenges and provide a foundation for significant future research in systems modeling for cybersecurity. Belief-Desire-Intention (BDI) agent architecture is extended within this work through a novel application of knowledge graphs to provide a scalable data model for agents to understand their environment, infer the context of threats, create goals associated with security requirements, and select plans based on possible actions and expected results. The framework has been implemented to demonstrate the feasibility of the architecture and evaluate the design properties through applied security use cases. While the experimental results have demonstrated the value of the framework applied to IoT systems, the concept can be easily expanded to other domains. This thesis provides the foundation to inspire further research works in this area for continued development, application, and optimization to support the advancement of the industry and bring autonomous, adaptive cyber defence to realization.