When Autonomous Intelligent Goodware will Fight Autonomous Intelligent Malware: A Possible Future of Cyber Defense

In the coming years, the future of military combat will include, on one hand, artificial intelligence-optimized complex command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) and networks and, on the other hand, autonomous intelligent Things fighting autonomous intelligent Things at a fast pace. Under this perspective, enemy forces will seek to disable or disturb our autonomous Things and our complex infrastructures and systems. Autonomy, scale and complexity in our defense systems will trigger new cyber-attack strategies, and autonomous intelligent malware (AIM) will be part of the picture. Should these cyber-attacks succeed while human operators remain unaware or unable to react fast enough due to the speed, scale or complexity of the mission, systems or attacks, missions would fail, our networks and C4ISR would be heavily disrupted, and command and control would be disabled. New cyber-defense doctrines and technologies are therefore required. Autonomous cyber defense (ACyD) is a new field of research and technology driven by the defense sector in anticipation of such threats to future military infrastructures, systems and operations. It will be implemented via swarms of autonomous intelligent cyber-defense agents (AICAs) that will fight AIM within our networks and systems. This paper presents this cyber-defense technology of the future, the current state of the art in this field and its main challenges. First, we review the rationale of the ACyD concept and its associated AICA technology. Then, we present the current research results from NATO's IST-152 Research Task Group on the AICA Reference Architecture. We then develop the 12 main technological challenges that must be resolved in the coming years, besides ethical and political issues.