Reinforcement Learning vs Genetic Algorithms in Game-Theoretic Cyber-Security

Niculae, Stefan

doi:10.31237/osf.io/nxzep

Cited by 8 publications

(5 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Niculae built a more realistic multi-agent system, where included the interactions among attackers, defenders and normal users [56]. In the system, ten attack actions, three defense actions and three normal user actions were designed.…”

Section: Pentest Based On Pomdpmentioning

confidence: 99%

Research and Challenges of Reinforcement Learning in Cyber Defense Decision-Making for Intranet Security

et al. 2022

View full text Add to dashboard Cite

In recent years, cyber attacks have shown diversified, purposeful, and organized characteristics, which pose significant challenges to cyber defense decision-making on internal networks. Due to the continuous confrontation between attackers and defenders, only using data-based statistical or supervised learning methods cannot cope with increasingly severe security threats. It is urgent to rethink network defense from the perspective of decision-making, and prepare for every possible situation. Reinforcement learning has made great breakthroughs in addressing complicated decision-making problems. We propose a framework that defines four modules based on the life cycle of threats: pentest, design, response, recovery. Our aims are to clarify the problem boundary of network defense decision-making problems, to study the problem characteristics in different contexts, to compare the strengths and weaknesses of existing research, and to identify promising challenges for future work. Our work provides a systematic view for understanding and solving decision-making problems in the application of reinforcement learning to cyber defense.

show abstract

Section: Pentest Based On Pomdpmentioning

confidence: 99%

Research and Challenges of Reinforcement Learning in Cyber Defense Decision-Making for Intranet Security

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Manual penetration tests, although effective, can hardly meet all security requirements that are constantly changing and evolving (Niculae, 2018). Furthermore, they require specialized knowledge which, in addition to presenting a high cost, is typically slower.…”

Section: Related Workmentioning

confidence: 99%

“…The alternative is automated tools that, although faster, often do not adapt to the context and uniqueness of each application. In (Niculae, 2018), the author developed a reinforcement learning strategy capable of compromising a system faster than a brute force and random approach. This concluded that it is possible to build an agent capable of learning and evolving over time so that it can penetrate a network.…”

Section: Related Workmentioning

confidence: 99%

Exploring SQL Injection Vulnerabilities Using Artificial Bee Colony

2021

Proceedings of the International Conferences on WWW/Internet 2021 and Applied Computing 2021

View full text Add to dashboard Cite

Over the last couple of decades, there has been an enormous growth in technologies and services available on the internet. This growth must take security into account, although due to the increase in complexity of systems this is not an easy task. Nowadays, hardly any organization may say with certainty that their system is secure. The Open Web Application Security listed "Injection" as the most security risk for web applications in 2020. There are many automated tools to assist professionals in the field, in order to identify this vulnerability. However, keeping these tools up to date has proven to be a challenge. Therefore, there has been some interest in applying Artificial Intelligence (AI) in this field. In this paper, we propose an approach to detect SQL injection vulnerabilities in the source code, using Artificial Bee Colony (ABC). To test this approach empirically we used web applications purposefully vulnerable as Bricks, bWAPP, and Twitterlike. Simulation results verify the effectiveness of the ABC algorithm.

show abstract

“…Pen testing simulations [17,20] have been used to train red agents using reinforcement learning. These simulations use a realistic action space to enable agents to learn how to attack a network.…”

Section: Related Workmentioning

confidence: 99%

CybORG: An Autonomous Cyber Operations Research Gym

Baillie,

Standen,

Schwartz

et al. 2020

Preprint

View full text Add to dashboard Cite

Autonomous Cyber Operations (ACO) involves the consideration of blue team (defender) and red team (attacker) decision-making models in adversarial scenarios. To support the application of machine learning algorithms to solve this problem, and to encourage such practitioners to attend to problems in the ACO setting, a suitable gym (toolkit for experiments) is necessary. We introduce CybORG, a work-inprogress gym for ACO research. Driven by the need to efficiently support reinforcement learning to train adversarial decision-making models through simulation and emulation, our design differs from prior related work. Our early evaluation provides some evidence that CybORG is appropriate for our purpose and may provide a basis for advancing ACO research towards practical applications.

show abstract

Reinforcement Learning vs Genetic Algorithms in Game-Theoretic Cyber-Security

Cited by 8 publications

References 8 publications

Research and Challenges of Reinforcement Learning in Cyber Defense Decision-Making for Intranet Security

Research and Challenges of Reinforcement Learning in Cyber Defense Decision-Making for Intranet Security

Exploring SQL Injection Vulnerabilities Using Artificial Bee Colony

CybORG: An Autonomous Cyber Operations Research Gym

Contact Info

Product

Resources

About