Autonomic Intelligent Cyber Sensor (AICS)

Organization: Idaho National Laboratory
Year: 2018

Autonomic Intelligent Cyber Sensor (AICS) is an Al-based sensor to easily and immediately recognize and report hacking attempts and cyber threats on information systems controlling the nation’s most critical infrastructure, including the electrical grid, oil and gas refineries, and pipelines. AICS can also set up decoy virtual hosts, known as honey pots, to distract attackers from targets, giving asset owners the ability and time to gather information that can help identify both the attacker and a potentially compromised system. Current network intrusion alert systems work by collecting data on past cybersecurity events. Unfortunately, new and previously unknown threats, called zero-day exploits, easily slip through this type of detection system, so the recognition threshold is generally set very low. False positive alerts often occur, which require constant monitoring and intervention. AICS identifies and maps normal business and operations traffic within an industrial control system. Once AICS knows what that normal traffic looks like, it uses machine learning to continue learning about the control system as updates occur. Because it learns the system, AICS can easily and immediately recognize and report on anomalous activity with very high accuracy, even if it has never seen that activity before.

For more info: https://www.inl.gov/