Learning Near-Optimal Intrusion Responses Against Dynamic Attackers. (arXiv:2301.06085v2 [cs.GT] UPDATED)

We study automated intrusion response and formulate the interaction between
an attacker and a defender as an optimal stopping game where attack and defense
strategies evolve through reinforcement learning and self-play. The
game-theoretic modeling enables us to find defender strategies that are
effective against a dynamic attacker, i.e. an attacker that adapts its strategy
in response to the defender strategy. Further, the optimal stopping formulation
allows us to prove that optimal strategies have threshold properties. To obtain
near-optimal defender strategies, …

algorithm attack attackers automated defender defense defense strategies dynamic find game intrusion intrusion response modeling near play prove response strategy study