Learning Games for Defending Advanced Persistent Threats in Cyber Systems

Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Publication Type: Journal Article
Citation: IEEE Transactions on Systems, Man, and Cybernetics: Systems, 2022, 53, (4), pp. 2410-2422
Issue Date: 2022-01-01
Filename | Description | Size
Learning_Games_for_Defending_Advanced_Persistent_Threats_in_Cyber_Systems.pdf | Published version | 2.87 MB (Adobe PDF)
A cyber system may face multiple attackers from diverse adversaries, who usually employ sophisticated techniques both to continuously steal sensitive data and to avoid being detected by defense strategies. This continuous process is typically involved in an advanced persistent threat (APT). Since game theory is an ideal mathematical model for investigating the continuous decision making of competing players, it is broadly used to study the interaction between defenders and APT attackers. Although many researchers are now using game theory to defend against APT attacks, most of the existing solutions are limited to single-defender, single-attacker scenarios. In the real world, threats by multiple attackers are not uncommon and multiple defenders can be put in place. Therefore, to overcome the limitation of the existing solutions, we develop a multiagent deep reinforcement learning (MADRL) method with a novel sampling approach. The MADRL method allows defenders to create strategies on the fly and share their experience with other defenders. To develop this method, we create a multidefender, multiattacker game model and analyze the equilibrium of this model. The results of a series of experiments demonstrate that, with MADRL, defenders can quickly learn efficient strategies against attackers.