Catch Me if You Can: Improving Adversaries in Cyber-Security with Q-Learning Algorithms

Arti Bandhana; Ondřej Lukáš; Sebastian Garcia; Tomáš Kroupa

doi:10.5220/0011684500003393

Catch Me if You Can: Improving Adversaries in Cyber-Security with Q-Learning Algorithms

Arti Bandhana, Ondřej Lukáš, Sebastian Garcia, Tomáš Kroupa

2023

Abstract

The ongoing rise in cyberattacks and the lack of skilled professionals in the cybersecurity domain to combat these attacks show the need for automated tools capable of detecting an attack with good performance. Attackers disguise their actions and launch attacks that consist of multiple actions, which are difficult to detect. Therefore, improving defensive tools requires their calibration against a well-trained attacker. In this work, we propose a model of an attacking agent and environment and evaluate its performance using basic Q-Learning, Naive Q-learning, and DoubleQ-Learning, all of which are variants of Q-Learning. The attacking agent is trained with the goal of exfiltrating data whereby all the hosts in the network have a non-zero detection probability. Results show that the DoubleQ-Learning agent has the best overall performance rate by successfully achieving the goal in 70% of the interactions.

Download

Paper Citation

in Harvard Style

Bandhana A., Lukáš O., Garcia S. and Kroupa T. (2023). Catch Me if You Can: Improving Adversaries in Cyber-Security with Q-Learning Algorithms. In Proceedings of the 15th International Conference on Agents and Artificial Intelligence - Volume 3: ICAART, ISBN 978-989-758-623-1, pages 442-449. DOI: 10.5220/0011684500003393

in Bibtex Style

@conference{icaart23,
author={Arti Bandhana and Ondřej Lukáš and Sebastian Garcia and Tomáš Kroupa},
title={Catch Me if You Can: Improving Adversaries in Cyber-Security with Q-Learning Algorithms},
booktitle={Proceedings of the 15th International Conference on Agents and Artificial Intelligence - Volume 3: ICAART,},
year={2023},
pages={442-449},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011684500003393},
isbn={978-989-758-623-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 15th International Conference on Agents and Artificial Intelligence - Volume 3: ICAART,
TI - Catch Me if You Can: Improving Adversaries in Cyber-Security with Q-Learning Algorithms
SN - 978-989-758-623-1
AU - Bandhana A.
AU - Lukáš O.
AU - Garcia S.
AU - Kroupa T.
PY - 2023
SP - 442
EP - 449
DO - 10.5220/0011684500003393