Yanjiao Chen,Zhicong Zheng,Xueluan Gong

DOI: https://doi.org/10.1109/tdsc.2022.3207429

2022-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Recent works have revealed that backdoor attacks against Deep Reinforcement Learning (DRL) could lead to abnormal action selections of the agent, which may result in failure or even catastrophe in crucial decision processes. However, existing attacks only consider single-agent reinforcement learning (RL) systems, in which the only agent can observe the global state and have full control of the decision process. In this article, we explore a new backdoor attack paradigm in cooperative multi-agent reinforcement learning (CMARL) scenarios, where a group of agents coordinate with each other to achieve a common goal, while each agent can only observe the local state. In the proposed MARNet attack framework, we carefully design a pipeline of trigger design, action poisoning, and reward hacking modules to accommodate the cooperative multi-agent settings. In particular, as only a subset of agents can observe the triggers in their local observations, we maneuver their actions to the worst actions suggested by an expert policy model. Since the global reward in CMARL is aggregated by individual rewards from all agents, we propose to modify the reward in a way that boosts the bad actions of poisoned agents (agents who observe the triggers) but mitigates the influence on non-poisoned agents. We conduct extensive experiments on three classical CMARL algorithms VDN, COMA, and QMIX, in two popular CMARL games Predator Prey and SMAC. The results show that the baselines extended from single-agent DRL backdoor attacks seldom work in CMARL problems while MARNet performs well by reducing the utility under attack by nearly 100%. We apply fine-tuning as a potential defense against MARNet and demonstrate that fine-tuning cannot entirely eliminate the effect of the attack.

Myles Foley,Chris Hicks,Kate Highnam,Vasilios Mavroudis

DOI: https://doi.org/10.1145/3488932.3527286

2024-09-27

Abstract:In the network security arms race, the defender is significantly disadvantaged as they need to successfully detect and counter every malicious attack. In contrast, the attacker needs to succeed only once. To level the playing field, we investigate the effectiveness of autonomous agents in a realistic network defence scenario. We first outline the problem, provide the background on reinforcement learning and detail our proposed agent design. Using a network environment simulation, with 13 hosts spanning 3 subnets, we train a novel reinforcement learning agent and show that it can reliably defend continual attacks by two advanced persistent threat (APT) red agents: one with complete knowledge of the network layout and another which must discover resources through exploration but is more general.

Artificial Intelligence,Cryptography and Security,Machine Learning

Luke Borchjes,Clement Nyirenda,Louise Leenen

DOI: https://doi.org/10.48550/arXiv.2308.04909

2023-08-12

Abstract:This paper focuses on the impact of leveraging autonomous offensive approaches in Deep Reinforcement Learning (DRL) to train more robust agents by exploring the impact of applying adversarial learning to DRL for autonomous security in Software Defined Networks (SDN). Two algorithms, Double Deep Q-Networks (DDQN) and Neural Episodic Control to Deep Q-Network (NEC2DQN or N2D), are compared. NEC2DQN was proposed in 2018 and is a new member of the deep q-network (DQN) family of algorithms. The attacker has full observability of the environment and access to a causative attack that uses state manipulation in an attempt to poison the learning process. The implementation of the attack is done under a white-box setting, in which the attacker has access to the defender's model and experiences. Two games are played; in the first game, DDQN is a defender and N2D is an attacker, and in second game, the roles are reversed. The games are played twice; first, without an active causative attack and secondly, with an active causative attack. For execution, three sets of game results are recorded in which a single set consists of 10 game runs. The before and after results are then compared in order to see if there was actually an improvement or degradation. The results show that with minute parameter changes made to the algorithms, there was growth in the attacker's role, since it is able to win games. Implementation of the adversarial learning by the introduction of the causative attack showed the algorithms are still able to defend the network according to their strengths.

Cryptography and Security,Artificial Intelligence

Myles Foley,Mia Wang,Zoe M,Chris Hicks,Vasilios Mavroudis

2023-06-16

Abstract:Computer network defence is a complicated task that has necessitated a high degree of human involvement. However, with recent advancements in machine learning, fully autonomous network defence is becoming increasingly plausible. This paper introduces an end-to-end methodology for studying attack strategies, designing defence agents and explaining their operation. First, using state diagrams, we visualise adversarial behaviour to gain insight about potential points of intervention and inform the design of our defensive models. We opt to use a set of deep reinforcement learning agents trained on different parts of the task and organised in a shallow hierarchy. Our evaluation shows that the resulting design achieves a substantial performance improvement compared to prior work. Finally, to better investigate the decision-making process of our agents, we complete our analysis with a feature ablation and importance study.

Cryptography and Security,Machine Learning

Bin Ren,Yunlong Tang,Huan Wang,Yichuan Wang,Jianxiong Liu,Ge Gao,Wei Wei

DOI: https://doi.org/10.1109/jiot.2024.3368072

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Enhancing the security capability of decentralized networks has been a focus of attention in the IoT academic community. Decentralized networks face problems such as lack of security resources, complex and heterogeneous difficulties in network security management, and dependence on the level of knowledge of human experts for security defense strategies and management effects. To tackle these challenges, this study presents a multi-agents deep reinforcement learning autonomous security management approach. The research builds a finite random game network attack-defense model that captures the dynamic adversarial nature of the attack-defense process. Leveraging reinforcement learning techniques, autonomous defense agent is designed to autonomously generate and adapt defense strategies. To enhance the defense capability, a network attack agent is developed. Moreover, drawing inspiration from MINIMAX Q-learning, a synchronized interactive training mechanism is discussed to address the issue of environment instability arising from the decoupling of observation space and action space among multiple coexisting offensive and defensive agents in the same environment. Experimental simulations validate the effectiveness of the proposed method in automated attack-defense scenarios, and analyse the generalization ability in networks of different scales.

computer science, information systems,telecommunications,engineering, electrical & electronic

John Mern,Kyle Hatch,Ryan Silva,Cameron Hickert,Tamim Sookoor,Mykel J. Kochenderfer

DOI: https://doi.org/10.48550/arXiv.2111.02445

2021-11-03

Cryptography and Security

Abstract:Defending computer networks from cyber attack requires timely responses to alerts and threat intelligence. Decisions about how to respond involve coordinating actions across multiple nodes based on imperfect indicators of compromise while minimizing disruptions to network operations. Currently, playbooks are used to automate portions of a response process, but often leave complex decision-making to a human analyst. In this work, we present a deep reinforcement learning approach to autonomous response and recovery in large industrial control networks. We propose an attention-based neural architecture that is flexible to the size of the network under protection. To train and evaluate the autonomous defender agent, we present an industrial control network simulation environment suitable for reinforcement learning. Experiments show that the learned agent can effectively mitigate advanced attacks that progress with few observable signals over several months before execution. The proposed deep reinforcement learning approach outperforms a fully automated playbook method in simulation, taking less disruptive actions while also defending more nodes on the network. The learned policy is also more robust to changes in attacker behavior than playbook approaches.

Sang Ho Oh,Min Ki Jeong,Hyung Chan Kim,Jongyoul Park

DOI: https://doi.org/10.3390/s23063000

IF: 3.9

2023-03-10

Sensors

Abstract:Cybersecurity is a growing concern in today’s interconnected world. Traditional cybersecurity approaches, such as signature-based detection and rule-based firewalls, are often limited in their ability to effectively respond to evolving and sophisticated cyber threats. Reinforcement learning (RL) has shown great potential in solving complex decision-making problems in various domains, including cybersecurity. However, there are significant challenges to overcome, such as the lack of sufficient training data and the difficulty of modeling complex and dynamic attack scenarios hindering researchers’ ability to address real-world challenges and advance the state of the art in RL cyber applications. In this work, we applied a deep RL (DRL) framework in adversarial cyber-attack simulation to enhance cybersecurity. Our framework uses an agent-based model to continuously learn from and adapt to the dynamic and uncertain environment of network security. The agent decides on the optimal attack actions to take based on the state of the network and the rewards it receives for its decisions. Our experiments on synthetic network security show that the DRL approach outperforms existing methods in terms of learning optimal attack actions. Our framework represents a promising step towards the development of more effective and dynamic cybersecurity solutions.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Song Xia,Meikang Qiu,Hao Jiang

DOI: https://doi.org/10.1109/smartcloud.2019.00046

2019-01-01

Abstract:In this paper, we proposed a reinforcement learning based system for defending the network users from malicious network traffics. By training two reinforcement learning agents: network attack generation agent and network defense agent, and based on the environment of deep neural networks, this system not only aims to outperforme the traditional machine learning algorithm (such as CNNs and LSTM), but also can to detect the adversarial example, which is the one of the biggest challenges for current machine learning based intrusion detection system.

Zhengwei Zhu,Miaojie Chen,Chenyang Zhu,Yanping Zhu

DOI: https://doi.org/10.1016/j.cose.2023.103578

IF: 5.105

2024-01-01

Computers & Security

Abstract:Network security is a critical discipline in the contemporary digital world, encompassing diverse technologies and strategies aimed at safeguarding computer systems, networks, and data resources against malicious activities. The attackers and defenders are vital components in the context of network security and defense. Attackers employ various means to steal sensitive information, compromise system functionality, and potentially lead to substantial economic and societal damages. To address these challenges, various network attack and defense scenarios were constructed within the CybORG framework in this paper. In various scenarios, attacks were carried out by different attackers. This was done to investigate the diverse strategies employed by defenders in response to network intrusions across different scenarios. Additionally, real-time assessments of the effectiveness of defensive measures were conducted. To assess the efficacy of defense strategies, we propose DDQN-Dueling-Noisy-Experience Replay (DDQN-DNER), a deep reinforcement learning algorithm that trains the defense agent to take appropriate actions to protect the network as it transitions into various states of being under attack. Built upon the Deep Q-Network (DQN) algorithm, the DDQN-DNER method incorporates noise networks, additional experience replay, and distinguishes outputs into value functions and advantage functions, enabling the proactive updating of Q-network parameters based on optimal actions. Simultaneously, Gaussian noise is incorporated into the actions undertaken by the agents. Research findings indicate that as network complexity increases, it becomes more challenging for agents to formulate effective strategies, while lower network security enhances agent capability in strategic decision-making. Compared to the DDQN algorithm, the DDQN-DNER algorithm accelerates the convergence of the model. In all scenarios, this algorithm consistently achieves the highest scores, indicating that the defensive strategies and measures generated by the blue agent are highly effective. The blue agent can promptly detect potential threats and attacks and take appropriate actions to address and mitigate these attacks, thereby ensuring network security.

Hooman Alavizadeh,Hootan Alavizadeh,Julian Jang-Jaccard

DOI: https://doi.org/10.3390/computers11030041

2022-03-11

Computers

Abstract:The rise of the new generation of cyber threats demands more sophisticated and intelligent cyber defense solutions equipped with autonomous agents capable of learning to make decisions without the knowledge of human experts. Several reinforcement learning methods (e.g., Markov) for automated network intrusion tasks have been proposed in recent years. In this paper, we introduce a new generation of the network intrusion detection method, which combines a Q-learning based reinforcement learning with a deep feed forward neural network method for network intrusion detection. Our proposed Deep Q-Learning (DQL) model provides an ongoing auto-learning capability for a network environment that can detect different types of network intrusions using an automated trial-error approach and continuously enhance its detection capabilities. We provide the details of fine-tuning different hyperparameters involved in the DQL model for more effective self-learning. According to our extensive experimental results based on the NSL-KDD dataset, we confirm that the lower discount factor, which is set as 0.001 under 250 episodes of training, yields the best performance results. Our experimental results also show that our proposed DQL is highly effective in detecting different intrusion classes and outperforms other similar machine learning approaches.

Yuan Cao,Kun Liu,Yeming Lin,Luyao Wang,Yuanqing Xia

DOI: https://doi.org/10.1109/jiot.2024.3423022

2024-01-01

Abstract:Deep reinforcement learning (DRL)-based moving target defense (MTD) emerges as an outstanding method to enhance the security of highly hostile Internet of Things (IoT) environments. However, due to the gap between certain stationary learning environment and real-world, even a well-trained DRL model may not adapt to unknown attacks in the real-world network environments. Therefore, we present a DRL-based self-evolving MTD approach against unknown attacks. First, we formulate the defense in a dynamic network environment as a Markov decision process (MDP), and utilize a DRL model based on actor-critic framework to obtain the optimal sequential defense strategies. Second, we deploy honeypots within the network environments to capture the traffic features of unknown attacks. These features are then specifically labeled to enable the DRL model to learn the characteristics of unknown attacks and identify them. Third, we design an actor network based on ResNet architecture to perceive the network states and make defense decisions in response to these unknown attacks. Finally, through extensive experiments on a platform based on software defined networks, we show that our proposed approach can enhance the defense performance compared with state-of-the-art solutions when dealing with unknown attacks.

Sang Ho Oh,Jeongyoon Kim,Jae Hoon Nah,Jongyoul Park

DOI: https://doi.org/10.3390/electronics13030555

IF: 2.9

2024-01-31

Electronics

Abstract:In the current landscape where cybersecurity threats are escalating in complexity and frequency, traditional defense mechanisms like rule-based firewalls and signature-based detection are proving inadequate. The dynamism and sophistication of modern cyber-attacks necessitate advanced solutions that can evolve and adapt in real-time. Enter the field of deep reinforcement learning (DRL), a branch of artificial intelligence that has been effectively tackling complex decision-making problems across various domains, including cybersecurity. In this study, we advance the field by implementing a DRL framework to simulate cyber-attacks, drawing on authentic scenarios to enhance the realism and applicability of the simulations. By meticulously adapting DRL algorithms to the nuanced requirements of cybersecurity contexts—such as custom reward structures and actions, adversarial training, and dynamic environments—we provide a tailored approach that significantly improves upon traditional methods. Our research undertakes a thorough comparative analysis of three sophisticated DRL algorithms—deep Q-network (DQN), actor–critic, and proximal policy optimization (PPO)—against the traditional RL algorithm Q-learning, within a controlled simulation environment reflective of real-world cyber threats. The findings are striking: the actor–critic algorithm not only outperformed its counterparts with a success rate of 0.78 but also demonstrated superior efficiency, requiring the fewest iterations (171) to complete an episode and achieving the highest average reward of 4.8. In comparison, DQN, PPO, and Q-learning lagged slightly behind. These results underscore the critical impact of selecting the most fitting algorithm for cybersecurity simulations, as the right choice leads to more effective learning and defense strategies. The impressive performance of the actor–critic algorithm in this study marks a significant stride towards the development of adaptive, intelligent cybersecurity systems capable of countering the increasingly sophisticated landscape of cyber threats. Our study not only contributes a robust model for simulating cyber threats but also provides a scalable framework that can be adapted to various cybersecurity challenges.

engineering, electrical & electronic,computer science, information systems,physics, applied

Shicheng Zhou,Jingju Liu,Dongdong Hou,Xiaofeng Zhong,Yue Zhang

DOI: https://doi.org/10.3390/app11198823

2021-09-23

Applied Sciences

Abstract:Penetration testing is an effective way to test and evaluate cybersecurity by simulating a cyberattack. However, the traditional methods deeply rely on domain expert knowledge, which requires prohibitive labor and time costs. Autonomous penetration testing is a more efficient and intelligent way to solve this problem. In this paper, we model penetration testing as a Markov decision process problem and use reinforcement learning technology for autonomous penetration testing in large scale networks. We propose an improved deep Q-network (DQN) named NDSPI-DQN to address the sparse reward problem and large action space problem in large-scale scenarios. First, we reasonably integrate five extensions to DQN, including noisy nets, soft Q-learning, dueling architectures, prioritized experience replay, and intrinsic curiosity model to improve the exploration efficiency. Second, we decouple the action and split the estimators of the neural network to calculate two elements of action separately, so as to decrease the action space. Finally, the performance of algorithms is investigated in a range of scenarios. The experiment results demonstrate that our methods have better convergence and scaling performance.

Yang Li,Quan Pan,Erik Cambria

DOI: https://doi.org/10.48550/arXiv.2205.00807

2022-05-02

Abstract:Recent adversarial attack developments have made reinforcement learning more vulnerable, and different approaches exist to deploy attacks against it, where the key is how to choose the right timing of the attack. Some work tries to design an attack evaluation function to select critical points that will be attacked if the value is greater than a certain threshold. This approach makes it difficult to find the right place to deploy an attack without considering the long-term impact. In addition, there is a lack of appropriate indicators of assessment during attacks. To make the attacks more intelligent as well as to remedy the existing problems, we propose the reinforcement learning-based attacking framework by considering the effectiveness and stealthy spontaneously, while we also propose a new metric to evaluate the performance of the attack model in these two aspects. Experimental results show the effectiveness of our proposed model and the goodness of our proposed evaluation metric. Furthermore, we validate the transferability of the model, and also its robustness under the adversarial training.

Machine Learning,Artificial Intelligence,Cryptography and Security,Computers and Society

Rundong Yang,Kangfeng Zheng,Xiujuan Wang,Bin Wu,Chunhua Wu

DOI: https://doi.org/10.32604/csse.2023.038917

IF: 4.397

2023-01-01

Computer Systems Science and Engineering

Abstract:Social engineering attacks are considered one of the most hazardous cyberattacks in cybersecurity, as human vulnerabilities are often the weakest link in the entire network. Such vulnerabilities are becoming increasingly susceptible to network security risks. Addressing the social engineering attack defense problem has been the focus of many studies. However, two main challenges hinder its successful resolution. Firstly, the vulnerabilities in social engineering attacks are unique due to multistage attacks, leading to incorrect social engineering defense strategies. Secondly, social engineering attacks are real-time, and the defense strategy algorithms based on gaming or reinforcement learning are too complex to make rapid decisions. This paper proposes a multiattribute quantitative incentive method based on human vulnerability and an improved Q-learning (IQL) reinforcement learning method on human vulnerability attributes. The proposed algorithm aims to address the two main challenges in social engineering attack defense by using a multiattribute incentive method based on human vulnerability to determine the optimal defense strategy. Furthermore, the IQL reinforcement learning method facilitates rapid decision-making during real-time attacks. The experimental results demonstrate that the proposed algorithm outperforms the traditional Q-learning (QL) and deep Q-network (DQN) approaches in terms of time efficiency, taking 9.1% and 19.4% less time, respectively. Moreover, the proposed algorithm effectively addresses the non-uniformity of vulnerabilities in social engineering attacks and provides a reliable defense strategy based on human vulnerability attributes. This study contributes to advancing social engineering attack defense by introducing an effective and efficient method for addressing the vulnerabilities of human factors in the cybersecurity domain.

computer science, theory & methods, hardware & architecture

Jiapeng Dai,Bin Hou,Lingjie Wu,Yunxiao Zu

DOI: https://doi.org/10.1145/3695719.3695721

2024-01-01

Abstract:To address the limitations of traditional manual penetration testing methods, this study proposes an automated penetration testing mechanism based on reinforcement learning. Unlike traditional approaches, reinforcement learning algorithms can learn from interactions with the environment, continuously optimizing penetration testing strategies to enhance the efficiency and accuracy of attacker simulations. In response to potential issues such as training instability and slow convergence rates encountered by the traditional DQN algorithm during penetration testing tasks, this work introduces more efficient deep reinforcement learning techniques. We present an innovative algorithm for medium-sized enterprises, termed SADDTAP_PER, which uniquely integrates a priority experience replay mechanism, self-attention mechanisms, dueling optimization layers, and adaptive pooling layers. Experiments demonstrate that our algorithm achieves faster convergence rates on enterprise-level network topologies and maintains good convergence in scenarios with active defense measures.

Mohammad Hossein Modirrousta,Parisa Forghani Arani,Mahdi Aliyari Shoorehdeli

DOI: https://doi.org/10.48550/arXiv.2211.16304

2022-12-09

Abstract:In order to gain access to networks, different types of intrusion attacks have been designed, and the attackers are working on improving them. Computer networks have become increasingly important in daily life due to the increasing reliance on them. In light of this, it is quite evident that algorithms with high detection accuracy and reliability are needed for various types of attacks. The purpose of this paper is to develop an intrusion detection system that is based on deep reinforcement learning. Based on the Markov decision process, the proposed system can generate informative representations suitable for classification tasks based on vast data. Reinforcement learning is considered from two different perspectives, deep Q learning, and double deep Q learning. Different experiments have demonstrated that the proposed systems have an accuracy of $99.17\%$ over the UNSW-NB15 dataset in both approaches, an improvement over previous methods based on contrastive learning and LSTM-Autoencoders. The performance of the model trained on UNSW-NB15 has also been evaluated on BoT-IoT datasets, resulting in competitive performance.

Cryptography and Security

Thanh Thi Nguyen,Vijay Janapa Reddi

DOI: https://doi.org/10.1109/TNNLS.2021.3121870

2021-11-02

Abstract:The scale of Internet-connected systems has increased considerably, and these systems are being exposed to cyber attacks more than ever. The complexity and dynamics of cyber attacks require protecting mechanisms to be responsive, adaptive, and scalable. Machine learning, or more specifically deep reinforcement learning (DRL), methods have been proposed widely to address these issues. By incorporating deep learning into traditional RL, DRL is highly capable of solving complex, dynamic, and especially high-dimensional cyber defense problems. This paper presents a survey of DRL approaches developed for cyber security. We touch on different vital aspects, including DRL-based security methods for cyber-physical systems, autonomous intrusion detection techniques, and multiagent DRL-based game theory simulations for defense strategies against cyber attacks. Extensive discussions and future research directions on DRL-based cyber security are also given. We expect that this comprehensive review provides the foundations for and facilitates future studies on exploring the potential of emerging DRL to cope with increasingly complex cyber security problems.

Cryptography and Security,Artificial Intelligence,Machine Learning

Jonathon Schwartz,Hanna Kurniawati

DOI: https://doi.org/10.48550/arXiv.1905.05965

2019-05-15

Abstract:Penetration testing (pentesting) involves performing a controlled attack on a computer system in order to assess it's security. Although an effective method for testing security, pentesting requires highly skilled practitioners and currently there is a growing shortage of skilled cyber security professionals. One avenue for alleviating this problem is automate the pentesting process using artificial intelligence techniques. Current approaches to automated pentesting have relied on model-based planning, however the cyber security landscape is rapidly changing making maintaining up-to-date models of exploits a challenge. This project investigated the application of model-free Reinforcement Learning (RL) to automated pentesting. Model-free RL has the key advantage over model-based planning of not requiring a model of the environment, instead learning the best policy through interaction with the environment. We first designed and built a fast, low compute simulator for training and testing autonomous pentesting agents. We did this by framing pentesting as a Markov Decision Process with the known configuration of the network as states, the available scans and exploits as actions, the reward determined by the value of machines on the network. We then used this simulator to investigate the application of model-free RL to pentesting. We tested the standard Q-learning algorithm using both tabular and neural network based implementations. We found that within the simulated environment both tabular and neural network implementations were able to find optimal attack paths for a range of different network topologies and sizes without having a model of action behaviour. However, the implemented algorithms were only practical for smaller networks and numbers of actions. Further work is needed in developing scalable RL algorithms and testing these algorithms in larger and higher fidelity environments.

Cryptography and Security,Artificial Intelligence,Machine Learning

Sang Ho Oh,Jeongyoon Kim,Jongyoul Park

DOI: https://doi.org/10.3390/electronics13142831

IF: 2.9

2024-07-19

Electronics

Abstract:As cyberattacks become increasingly sophisticated and frequent, it is crucial to develop robust cybersecurity measures that can withstand adversarial attacks. Adversarial simulation is an effective technique for evaluating the security of systems against various types of cyber threats. However, traditional adversarial simulation methods may not capture the complexity and unpredictability of real-world cyberattacks. In this paper, we propose the improved deep reinforcement learning (DRL) algorithm to enhance adversarial attack simulation for cybersecurity with real-world scenarios from MITRE-ATT&CK. We first describe the challenges of traditional adversarial simulation and the potential benefits of using DRL. We then present an improved DRL-based simulation framework that can realistically simulate complex and dynamic cyberattacks. We evaluate the proposed DRL framework using a cyberattack scenario and demonstrate its effectiveness by comparing it with existing DRL algorithms. Overall, our results suggest that DRL has significant potential for enhancing adversarial simulation for cybersecurity in real-world environments. This paper contributes to developing more robust and effective cybersecurity measures that can adapt to the evolving threat landscape of the digital world.

engineering, electrical & electronic,computer science, information systems,physics, applied