Rethinking Adaptive Cyber Defense, Optimization, and Reinforcement Learning in an Adversarial Environment

Abstract

The first generation of cyber security technologies are largely static because standardization, predictability, performance, and cost-effectiveness are the main drivers. They are governed by largely static processes such as testing, security patch deployment, episodic penetration exercises, and human-in-the-loop monitoring of security events. Moreover, they are designed in the absence of a specific adversary model. As a result, adversaries greatly benefit from this situation: They can continuously and systematically probe targeted networks with the confidence that those networks will change slowly if at all; they have the time to engineer reliable exploits and pre-plan their attacksIn response to this situation, researchers in recent years started to investigate a new class of technologies called Adaptive Cyber Defense (ACD) that seek to build systems that are able to change and adapt before, during, and after the threats materialize to force adversaries to continually re-assess andre-plan their cyber operations. Unfortunately, a cyber-defense policy is itself a complex object, controlling the allocation of resources across numerous activities and assets across time. Generation of such policies represents a difficult optimization problem, particularly when the environment is modeled primarily through simulation. The reinforcement learning is used as a general approach to optimizing time-dependent behavior based on experience data. In this project, we assume that there is an adversary whose objective is to maximize the response time of the genuine activities in the system. Our goals are to investigate the worst-case that could occur under adversarial attacks and find a way to limitthe impact; at the same time, we will seek to maximize the effort required by the adversary to achieve the worst case. In other words, our metric for evaluating our models and algorithms will include two components: worst case-response time and the cost for an adversary to achievethe worst case.

Document Details

Document Type
DoD Grant Award
Publication Date
Jan 12, 2023
Source ID
N000142312132

Entities

People

  • Sushil Jajodia

Organizations

  • George Mason University
  • Office of Naval Research
  • United States Navy

Tags

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Cybersecurity.
  • Economics

Technology Areas

  • AI & ML
  • AI & ML - Machine Learning Algorithms
  • Cyber