Reinforcement Learning for Industrial Control Network Cyber Security Orchestration

by   John Mern, et al.

Defending computer networks from cyber attack requires coordinating actions across multiple nodes based on imperfect indicators of compromise while minimizing disruptions to network operations. Advanced attacks can progress with few observable signals over several months before execution. The resulting sequential decision problem has large observation and action spaces and a long time-horizon, making it difficult to solve with existing methods. In this work, we present techniques to scale deep reinforcement learning to solve the cyber security orchestration problem for large industrial control networks. We propose a novel attention-based neural architecture with size complexity that is invariant to the size of the network under protection. A pre-training curriculum is presented to overcome early exploration difficulty. Experiments show in that the proposed approaches greatly improve both the learning sample complexity and converged policy performance over baseline methods in simulation.



There are no comments yet.


page 3


Autonomous Attack Mitigation for Industrial Control Systems

Defending computer networks from cyber attack requires timely responses ...

ICSrange: A Simulation-based Cyber Range Platform for Industrial Control Systems

Maintenance staff of Industrial Control Systems (ICS) is generally not a...

Deep hierarchical reinforcement agents for automated penetration testing

Penetration testing the organised attack of a computer system in order t...

Enhancing Reinforcement Learning with discrete interfaces to learn the Dyck Language

Even though most interfaces in the real world are discrete, no efficient...

Object Exchangeability in Reinforcement Learning: Extended Abstract

Although deep reinforcement learning has advanced significantly over the...

Adversarial Reinforcement Learning for Observer Design in Autonomous Systems under Cyber Attacks

Complex autonomous control systems are subjected to sensor failures, cyb...

Crown Jewels Analysis using Reinforcement Learning with Attack Graphs

Cyber attacks pose existential threats to nations and enterprises. Curre...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.