Scalable Learning of Intrusion Responses through Recursive Decomposition. (arXiv:2309.03292v2 [eess.SY] UPDATED)

We study automated intrusion response for an IT infrastructure and formulate
the interaction between an attacker and a defender as a partially observed
stochastic game. To solve the game we follow an approach where attack and
defense strategies co-evolve through reinforcement learning and self-play
toward an equilibrium. Solutions proposed in previous work prove the
feasibility of this approach for small infrastructures but do not scale to
realistic scenarios due to the exponential growth in computational complexity
with the infrastructure size. …

attack attacker automated defender defense defense strategies game infrastructure intrusion intrusion response it infrastructure play response solutions strategies study