Coactive Emergence as a Sensemaking Strategy for Cyber Operations

In this article we describe how we apply the concept of coactive emergence as a phenomenon of complexity that has implications for the design of sensemaking support tools involving a combination of human analysts and software agents. We apply this concept in the design of work methods for distributed sensemaking in cyber operations. Sensemaking is a motivated, continuous effort to understand, anticipate, and act upon complex situations. We discuss selected results of a macrocognitive work analysis that informed our focus for design and development of support tools. In that analysis, we identified seven target topics that would be the focus of our research: engaging automation as a full partner, reducing the volume of uncorrelated events, continuous knowledge discovery, more effective visualizations, collaboration and sharing, minimizing tedious work, and architecting scalability and resilience. In addressing the first target topic, we show how coactive emergence inspires an agent-supported threat understanding process that is consistent with Klein’s Data/Frame theory of sensemaking. In subsequent sections, we describe our efforts to address the remaining six target topics as part of design and development of a cyber operations framework called Sol. Specifically, we describe the use of agents, policies, and visualization to enable coactive emergence for taskwork and teamwork. We also show how policy-governed agents working collaboratively with people can help in additional ways. We introduce the primary implementation frameworks that provide the core capabilities of our Sol cyber framework: the Luna Software Agent Framework, and the KAoS Policy Services Framework. We describe areas for future development of Sol, including the incorporation of the VIA Cross-Layer Communications Substrate. Finally, we describe recent results and current plans for empirical studies addressing some of the issues raised in this article.

[1]  Marco Carvalho,et al.  Agent-Based Immunological Intrusion Detection System for Mobile Ad-Hoc Networks , 2008, ICCS.

[2]  Jeffrey M. Bradshaw,et al.  The Dynamics of Trust in Cyberdomains , 2009, IEEE Intelligent Systems.

[3]  Sushil Jajodia,et al.  Moving Target Defense - Creating Asymmetric Uncertainty for Cyber Threats , 2011, Moving Target Defense.

[4]  Christopher G. Langton,et al.  Artificial Life: Proceedings Of An Interdisciplinary Workshop On The Synthesis And Simulation Of Living Systems , 1989 .

[5]  Jeffrey M. Bradshaw,et al.  Network Situational Awareness: A Representative Study , 2009, Software Engineering.

[6]  Marco Carvalho,et al.  MAST: Intelligent Roaming Guards for Network and Host Security , 2005 .

[7]  E. Salas,et al.  Theories of Team Cognition: Cross-Disciplinary Perspectives , 2013 .

[8]  FRANK E. POLLICK,et al.  PII: S0042-6989(96)00188-5 , 1997 .

[9]  Carlos Perez,et al.  An evolutionary multi-agent approach to anomaly detection and cyber defense , 2011, CSIIRW '11.

[10]  Carlos Perez,et al.  Organic Resilience for Tactical Environments , 2010, BIONETICS.

[11]  Mary Beth Rosson,et al.  The task-artifact cycle , 1991 .

[12]  Douglas C. Schmidt,et al.  Dynamic policy‐driven quality of service in service‐oriented information management systems , 2011, Softw. Pract. Exp..

[13]  Gary Klein,et al.  Making Sense of Sensemaking 1: Alternative Perspectives , 2006, IEEE Intelligent Systems.

[14]  Jeffrey M. Bradshaw,et al.  Toward a flexible ontology-based policy approach for network operations using the KAoS framework , 2011, 2011 - MILCOM 2011 Military Communications Conference.

[15]  David Woods,et al.  Challenges in managing uncertainty during cyber events : Lessons from the staged-world study of a large-scale adversarial cyber security exercise , 2011 .

[16]  Jeffrey M. Bradshaw,et al.  NOMADS: Toward an Environment for Strong and Safe Agent Mobility1 , 1999 .

[17]  Paul J. Feltovich,et al.  Learning, Teaching and Testing for Complex Conceptual Understanding. , 1991 .

[18]  Jeffrey M. Bradshaw,et al.  Knowledge acquisition as a constructive modeling activity , 1993, Int. J. Intell. Syst..

[19]  J.M. Bradshaw,et al.  Policy-Based Design of Human-Machine Collaboration in Manned Space Missions , 2009, 2009 Third IEEE International Conference on Space Mission Challenges for Information Technology.

[20]  Jeffrey M. Bradshaw,et al.  An introduction to software agents , 1997 .

[21]  Alan Kay,et al.  User Interface: A Personal View , 2005 .

[22]  Jeffrey M. Bradshaw,et al.  KAoS: toward an industrial-strength open agent architecture , 1997 .

[23]  David Woods,et al.  The alarm problem and directed attention in dynamic fault management , 1995 .

[24]  Yifan Li,et al.  VisFlowConnect: netflow visualizations of link relationships for security situational awareness , 2004, VizSEC/DMSEC '04.

[25]  Christian Müller-Schloer,et al.  Organic computing: on the feasibility of controlled emergence , 2004, CODES+ISSS '04.

[26]  Carlos Perez,et al.  Distributed policy learning for the Cognitive Network Management System , 2010, 2010 - MILCOM 2010 MILITARY COMMUNICATIONS CONFERENCE.

[27]  Gary Klein,et al.  Making Sense of Sensemaking 2: A Macrocognitive Model , 2006, IEEE Intelligent Systems.

[28]  Jeffrey M. Bradshaw,et al.  Sol: An Agent-Based Framework for Cyber Situation Awareness , 2012, KI - Künstliche Intelligenz.

[29]  Jeffrey M. Bradshaw,et al.  Social Order and Adaptability in Animal and Human Cultures as Analogues for Agent Communities: Toward a Policy-Based Approach , 2003, ESAW.

[30]  Jeffrey M. Bradshaw,et al.  New Developments in Ontology-Based Policy Management: Increasing the Practicality and Comprehensiveness of KAoS , 2008, 2008 IEEE Workshop on Policies for Distributed Systems and Networks.

[31]  Maarten Sierhuis,et al.  Autonomy and interdependence in human-agent-robot teams , 2012, IEEE Intelligent Systems.

[32]  J. G. Hollands,et al.  Engineering Psychology and Human Performance , 1984 .

[33]  Maarten Sierhuis,et al.  Human-agent-robot teamwork , 2012, 2012 7th ACM/IEEE International Conference on Human-Robot Interaction (HRI).

[34]  Nancy E. Johnson Mediating representations in knowledge elicitation , 1989 .

[35]  Ma. de la Natividad Jiménez Salas,et al.  The Conduct of Inquiry , 1967 .

[36]  M Lind Perceiving motion and rigid structure from optic flow: A combined weak-perspective and polar-perspective approach , 1996, Perception & psychophysics.

[37]  David T. Moore,et al.  Sensemaking: A Structure for an Intelligence Revolution , 2011 .

[38]  Kyle Usbeck,et al.  Integrated information and network management for end-to-end Quality of Service , 2011, 2011 - MILCOM 2011 Military Communications Conference.

[39]  H. W. Leibowitz,et al.  The Two Modes of Visual Processing: Implications for Spatial Orientation , 1984 .

[40]  David Woods,et al.  1. How to make automated systems team players , 2002 .

[41]  Kenneth M. Ford,et al.  Human-Centered Computing: Thinking In and Out of the Box , 2001, IEEE Intell. Syst..

[42]  G. Caputo,et al.  The Role of the Background: Texture Segregation and Figure—Ground Segmentation , 1996, Vision Research.

[43]  Jeffrey M. Bradshaw,et al.  Command and Control Requirements for Moving-Target Defense , 2012, IEEE Intelligent Systems.

[44]  S. Kastner,et al.  Neuronal Correlates of Pop-out in Cat Striate Cortex , 1997, Vision Research.

[45]  Jeffrey M. Bradshaw,et al.  Human-Agent Teamwork in Cyber Operations: Supporting Co-evolution of Tasks and Artifacts with Luna , 2012, MATES.

[46]  William J. Clancey,et al.  Progress Appraisal as a Challenging Element of Coordination in Human and Machine Joint Activity , 2008, ESAW.

[47]  Paul J. Feltovich,et al.  Common Ground and Coordination in Joint Activity , 2005 .

[48]  Jeffrey M. Bradshaw,et al.  Ten Challenges for Making Automation a "Team Player" in Joint Human-Agent Activity , 2004, IEEE Intell. Syst..

[49]  Colin Ware,et al.  Information Visualization: Perception for Design , 2000 .

[50]  Tara Matthews,et al.  Designing and evaluating glanceable peripheral displays , 2006, DIS '06.

[51]  Marco Carvalho A distributed reinforcement learning approach to mission survivability in tactical MANETs , 2009, CSIIRW '09.

[52]  W. Clancey The Cambridge Handbook of Expertise and Expert Performance: Observation of Work Practices in Natural Settings , 2006 .

[53]  Maarten Sierhuis,et al.  Human-agent-robot teamwork , 2012, IEEE Intell. Syst..

[54]  Maarten Sierhuis,et al.  Beyond Cooperative Robotics: The Central Role of Interdependence in Coactive Design , 2011, IEEE Intelligent Systems.

[55]  A. Bradley,et al.  Characterization of spatial aliasing and contrast sensitivity in peripheral vision , 1996, Vision Research.

[56]  Elinor Ostrom,et al.  Polycentric Systems as One Approach for Solving Collective-Action Problems , 2008 .

[57]  Niranjan Suri,et al.  MAST – A Mobile Agent-based Security Tool , 2003 .

[58]  Jeffrey M. Bradshaw,et al.  Implementing Collective Obligations in Human-Agent Teams Using KAoS Policies , 2009, COIN@AAMAS&IJCAI&MALLOW.

[59]  Paul J. Feltovich,et al.  A Rose by Any Other Name...Would Probably Be Given an Acronym , 2002, IEEE Intell. Syst..

[60]  D.E. O'Leary HCC implications for the procurement process , 2006, IEEE Intelligent Systems.

[61]  Tony Curzon Price,et al.  Emergence: From Chaos to Order by John H. Holland , 1998, J. Artif. Soc. Soc. Simul..