Weakness Analysis of Cyberspace Configuration Based on Reinforcement Learning

In this work, we present a learning-based approach to analysis cyberspace configuration. Unlike prior methods, our approach has the ability to learn from past experience and improve over time. In particular, as we train over a greater number of agents as attackers, our method becomes better at rapidly finding attack paths for previously hidden paths, especially in multiple domain cyberspace. To achieve these results, we pose finding attack paths as a Reinforcement Learning (RL) problem and train an agent to find multiple domain attack paths. To enable our RL policy to find more hidden attack paths, we ground representation introduction an multiple domain action select module in RL. By designing a simulated cyberspace experimental environment to verify our method. Our objective is to find more hidden attack paths, to analysis the weakness of cyberspace configuration. The experimental results show that our method can find more hidden multiple domain attack paths than existing baselines methods.

[1]  Yuval Tassa,et al.  Continuous control with deep reinforcement learning , 2015, ICLR.

[2]  Neeraj Kumar,et al.  A feature reduced intrusion detection system using ANN classifier , 2017, Expert Syst. Appl..

[3]  Victor Croitoru,et al.  Computer networks security based on the detection of user's behavior , 2015, 2015 9th International Symposium on Advanced Topics in Electrical Engineering (ATEE).

[4]  Chun-Hung Richard Lin,et al.  Intrusion detection system: A comprehensive review , 2013, J. Netw. Comput. Appl..

[5]  Muhammad Munwar Iqbal,et al.  Enhanced Network Anomaly Detection Based on Deep Neural Networks , 2018, IEEE Access.

[6]  A. L. Narasimha Reddy,et al.  Statistical Techniques for Detecting Traffic Anomalies Through Packet Header Data , 2008, IEEE/ACM Transactions on Networking.

[7]  Qi Shi,et al.  A Deep Learning Approach to Network Intrusion Detection , 2018, IEEE Transactions on Emerging Topics in Computational Intelligence.

[8]  Feng Qu,et al.  An Intrusion Detection Model Based on Deep Belief Network , 2017, ICNCC.

[9]  Richard S. Sutton,et al.  Reinforcement Learning: An Introduction , 1998, IEEE Trans. Neural Networks.

[10]  Christos Faloutsos,et al.  Graph-Based User Behavior Modeling: From Prediction to Fraud Detection , 2015, KDD.

[11]  Ichiro Fukuda,et al.  Analytical method of web user behavior using Hidden Markov Model , 2016, 2016 IEEE International Conference on Big Data (Big Data).

[12]  Insup Lee,et al.  Cyber-physical systems: The next computing revolution , 2010, Design Automation Conference.

[13]  Shuyu Chen,et al.  Incremental k-NN SVM method in intrusion detection , 2017, 2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS).

[14]  Guy Lever,et al.  Deterministic Policy Gradient Algorithms , 2014, ICML.

[15]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[16]  Mohammad Zulkernine,et al.  Random-Forests-Based Network Intrusion Detection Systems , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[17]  Howon Kim,et al.  An Effective Intrusion Detection Classifier Using Long Short-Term Memory with Gradient Descent Optimization , 2017, 2017 International Conference on Platform Technology and Service (PlatCon).

[18]  K. Muneeswaran,et al.  Firefly algorithm based feature selection for network intrusion detection , 2019, Comput. Secur..

[19]  Haipeng Yao,et al.  Intelligent Network Awareness , 2019, Wireless Networks.