all InfoSec news
Intrusion Prevention through Optimal Stopping. (arXiv:2111.00289v3 [cs.LG] UPDATED)
We study automated intrusion prevention using reinforcement learning.
Following a novel approach, we formulate the problem of intrusion prevention as
an (optimal) multiple stopping problem. This formulation gives us insight into
the structure of optimal policies, which we show to have threshold properties.
For most practical cases, it is not feasible to obtain an optimal defender
policy using dynamic programming. We therefore develop a reinforcement learning
approach to approximate an optimal policy. Our method for learning and
validating policies includes …