Defending computer networks from cyber attack requires coordinating actions
across multiple nodes based on imperfect indicators of compromise while
minimizing disruptions to network operations. Advanced attacks can progress
with few observable signals over several months before execution. The resulting
sequential decision problem has large observation and action spaces and a long
time-horizon, making it difficult to solve with existing methods. In this work,
we present techniques to scale deep reinforcement learning to solve the cyber
security orchestration problem for large industrial control networks. We
propose a novel attention-based neural architecture with size complexity that
is invariant to the size of the network under protection. A pre-training
curriculum is presented to overcome early exploration difficulty. Experiments
show in that the proposed approaches greatly improve both the learning sample
complexity and converged policy performance over baseline methods in

Go to Source of this post
Author Of this post: <a href="">John Mern</a>, <a href="">Kyle Hatch</a>, <a href="">Ryan Silva</a>, <a href="">Jeff Brush</a>, <a href="">Mykel J. Kochenderfer</a>

By admin