File(s) under embargo
Reason: Part of publisher's permissions
1 year(s), 11 month(s), 6 day(s) until file(s) become available
A generic blue agent training framework for autonomous cyber operations
Sophisticated mechanisms for attacking a computer network are emerging, therefore it is of great importance that equally sophisticated mechanisms should be in place to defend against malicious attacks on the network. Autonomous cyber operations (ACO) is considered to be a potential option to provide timely defense against malicious attacks. In ACO, an agent that tries to attack a network is referred to as red agent, and an agent that defends against the red agent is called blue agent. In real scenarios, different kinds of red agents can attack a network, hence a blue agent needs to defend against a variety of red agents, each with their own attack strategy and specific goal. However, it is a challenging task to train a blue agent that is agnostic of the red agent. Hence, we present here a framework for generic blue agent training, i.e., training a blue agent that can defend against different kinds of red agents. The framework is a combination of reinforcement learning and supervised learning. Our results demonstrate that the presented framework for generic blue agent training does exhibit generic characteristics, and the framework does demonstrate better performance compared to an alternate approach.
Publication
2024 IFIP Networking Conference (IFIP Networking), Thessaloniki, Greece, 2024, pp. 515-521
Publisher
Institute of Electrical and Electronics Engineers
Rights
© 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Department or School
- Electronic & Computer Engineering