By Loren Blinde May 25, 2022
On May 24, the U.S. Army posted an invitation to the upcoming Machine Learning Assessment Event, which will be held August 2 to 5. Responses are due by June 28.
The Cyber Fusion Innovation Center (CFIC), in collaboration with U.S. Army Cyber Command (ARCYBER) Technical Warfare Center (TWC), will host a series of events to identify existing and/or potential capabilities and expertise to reduce cognitive workloads and optimize workflows within its four mission areas (defend, operate, influence, and attack) to further increase operational effectiveness.
Machine learning (ML) and artificial intelligence (AI)-enabled systems can effectively reduce Warfighter burden by automating portions of their workflows to increase Warfighter accuracy and throughput. Warfighters with shorter, more accurate workflows will therefore increase operational effectiveness across many various lines of effort. Defensive and offensive cyberspace workflows involve finding a capability or technique to generate an effect somewhere in an environment under certain conditions. Understanding the entire solution space manually is cumbersome, time-consuming, and in most cases infeasible. An AI-based system could reduce this problem to the subset of capabilities/techniques that have the highest probability of success given past experience. This would enable faster and more accurate solution finding, ultimately improving operational effectiveness.
Known Capability Needs
- How to proactively and continuously support asset identification and
compliance at the network edge via at-scale enterprise network traffic
analytics, in support of the Cyber mission. May include but not limited to identification and status of all end-points, current status of patching, and recommendations for patching priorities.
- Automatically identify vulnerable surfaces or likely bad-actor avenues of approach to our network. May include but not limited to dynamically identifying adversarial Grey and Red space infrastructure.
- How to enable dynamic automation, augmentation, or reconfiguration of network infrastructure for detection of malicious intent and intervention against adversary actions in support of cyber operations at the network edge. May or may not include human intervention.
- How to identify malicious (preferred) or anomalous behavior in data
related to netflow or PCAP.
While the ideal solution is preferred, capabilities that address individual components will be considered. Partnerships among potential solution providers resulting in complete solutions are highly encouraged.