A generic blue agent training framework for autonomous cyber operations
Abstract
Sophisticated mechanisms for attacking a computer network are emerging; it is therefore of great importance that equally sophisticated mechanisms be in place to defend the network against malicious attacks. Autonomous cyber operations (ACO) is considered to be a potential option to provide timely defense against malicious attacks. In ACO, an agent that tries to attack a network is referred to as a red agent, and an agent that defends against the red agent is called a blue agent. In real scenarios, different kinds of red agents can attack a network, hence a blue agent needs to defend against a variety of red agents, each with its own attack strategy and specific goal. However, it is a challenging task to train a blue agent that is agnostic of the red agent. Hence, we present here a framework for generic blue agent training, i.e., training a blue agent that can defend against different kinds of red agents. The framework is a combination of reinforcement learning and supervised learning. Our results demonstrate that the presented framework for generic blue agent training does exhibit generic characteristics, and the framework does demonstrate better performance compared to an alternate approach.
Publisher
Institute of Electrical and Electronics Engineers
Citation
2024 IFIP Networking Conference (IFIP Networking), Thessaloniki, Greece, 2024, pp. 515-521
Files
Faroog_2024_Generic.pdf
Adobe PDF, 1 MB
- Embargoed until 2026-08-15
Type
Meetings and Proceedings
Rights
https://creativecommons.org/licenses/by-nc-sa/4.0/
