Vyas, Sanyam, Bolton, Andrew, Mavroudis, Vasilios and Burnap, Peter
Abstract
In the ongoing network cybersecurity arms race, the defenders face a significant disadvantage as they must detect and counteract every attack. Conversely, the attacker only needs to succeed once to achieve their goal. To balance the odds, Autonomous Cyber Network Defence (ACND) employs autonomous agents for proactive and intelligent cyber-attack response. This article surveys the state of the art of Autonomous Blue and Red Teaming agents, as well as cyber operations environments. We begin by presenting a detailed set of criteria for ACND algorithms and systems that evaluate the preparedness of integrating autonomous agents into real-world networked environments. Our analysis identifies critical research gaps and challenges within the ACND landscape, including issues of autonomous agent explainability, continuous learning capability under evolving threats, and the development of realistic agent training environments. Based on these insights, we discuss promising research directions and open challenges that need to be addressed for the deployment of ACND agents in real-world networks.
Item Type: | Article |
---|---|
Date Type: | Published Online |
Status: | In Press |
Schools: | Schools > Computer Science & Informatics |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Publisher: | Association for Computing Machinery (ACM) |
ISSN: | 0360-0300 |
Funders: | EPSRC |
Date of Acceptance: | 1 April 2025 |
Last Modified: | 28 May 2025 09:36 |
URI: | https://orca.cardiff.ac.uk/id/eprint/177660 |