Catch Me If You Can: Improving Adversaries in Cyber-Security With Q-Learning Algorithms

• URL: http://arxiv.org/abs/2302.03768v1
• Date: Tue, 7 Feb 2023 21:57:59 GMT
• Title: Catch Me If You Can: Improving Adversaries in Cyber-Security With Q-Learning Algorithms
• Authors: Arti Bandhana, Ond\v{r}ej Luk\'a\v{s}, Sebastian Garcia and Tom\'a\v{s} Kroupa
• Abstract summary: Attackers disguise their actions and launch attacks that consist of multiple actions, which are difficult to detect. In this work, we propose a model of an attacking agent and environment and evaluate its performance using basic Q-Learning, Naive Q-learning, and DoubleQ-Learning. Results show that the DoubleQ-Learning agent has the best overall performance rate by successfully achieving the goal in $70%$ of the interactions.
• Score: 0.7349727826230861
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The ongoing rise in cyberattacks and the lack of skilled professionals in the cybersecurity domain to combat these attacks show the need for automated tools capable of detecting an attack with good performance. Attackers disguise their actions and launch attacks that consist of multiple actions, which are difficult to detect. Therefore, improving defensive tools requires their calibration against a well-trained attacker. In this work, we propose a model of an attacking agent and environment and evaluate its performance using basic Q-Learning, Naive Q-learning, and DoubleQ-Learning, all of which are variants of Q-Learning. The attacking agent is trained with the goal of exfiltrating data whereby all the hosts in the network have a non-zero detection probability. Results show that the DoubleQ-Learning agent has the best overall performance rate by successfully achieving the goal in $70\%$ of the interactions.

Related papers

• Efficient Backdoor Defense in Multimodal Contrastive Learning: A Token-Level Unlearning Method for Mitigating Threats [52.94388672185062]
  We propose an efficient defense mechanism against backdoor threats using a concept known as machine unlearning. This entails strategically creating a small set of poisoned samples to aid the model's rapid unlearning of backdoor vulnerabilities. In the backdoor unlearning process, we present a novel token-based portion unlearning training regime.
  arXiv  Detail & Related papers  (2024-09-29T02:55:38Z)
• A Dual-Tier Adaptive One-Class Classification IDS for Emerging Cyberthreats [3.560574387648533]
  We propose a one-class classification-driven IDS system structured on two tiers. The first tier distinguishes between normal activities and attacks/threats, while the second tier determines if the detected attack is known or unknown. This model not only identifies unseen attacks but also uses them for retraining them by clustering unseen attacks.
  arXiv  Detail & Related papers  (2024-03-17T12:26:30Z)
• Raij\=u: Reinforcement Learning-Guided Post-Exploitation for Automating Security Assessment of Network Systems [0.0]
  Raij=u framework is a Reinforcement Learning-driven automation approach. We implement two RL algorithms to train specialized agents capable of making intelligent actions. Agents achieve over 84% of successful attacks with under 55 attack steps given.
  arXiv  Detail & Related papers  (2023-09-27T09:36:22Z)
• Learning Cyber Defence Tactics from Scratch with Multi-Agent Reinforcement Learning [4.796742432333795]
  Team of intelligent agents in computer network defence roles may reveal promising avenues to safeguard cyber and kinetic assets. Agents are evaluated on their ability to jointly mitigate attacker activity in host-based defence scenarios.
  arXiv  Detail & Related papers  (2023-08-25T14:07:50Z)
• On the Effectiveness of Adversarial Training against Backdoor Attacks [111.8963365326168]
  A backdoored model always predicts a target class in the presence of a predefined trigger pattern. In general, adversarial training is believed to defend against backdoor attacks. We propose a hybrid strategy which provides satisfactory robustness across different backdoor attacks.
  arXiv  Detail & Related papers  (2022-02-22T02:24:46Z)
• Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
  We study blackbox adversarial attacks on network classifiers. We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions. We show that a continual learning approach is required to study attacker-defender dynamics.
  arXiv  Detail & Related papers  (2021-11-23T23:42:16Z)
• An Overview of Backdoor Attacks Against Deep Neural Networks and Possible Defences [33.415612094924654]
  The goal of this paper is to review the different types of attacks and defences proposed so far. In a backdoor attack, the attacker corrupts the training data so to induce an erroneous behaviour at test time. Test time errors are activated only in the presence of a triggering event corresponding to a properly crafted input sample.
  arXiv  Detail & Related papers  (2021-11-16T13:06:31Z)
• Automating Privilege Escalation with Deep Reinforcement Learning [71.87228372303453]
  In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents. We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation. Our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
  arXiv  Detail & Related papers  (2021-10-04T12:20:46Z)
• The Feasibility and Inevitability of Stealth Attacks [63.14766152741211]
  We study new adversarial perturbations that enable an attacker to gain control over decisions in generic Artificial Intelligence systems. In contrast to adversarial data modification, the attack mechanism we consider here involves alterations to the AI system itself.
  arXiv  Detail & Related papers  (2021-06-26T10:50:07Z)
• Adversarial defense for automatic speaker verification by cascaded self-supervised learning models [101.42920161993455]
  More and more malicious attackers attempt to launch adversarial attacks at automatic speaker verification (ASV) systems. We propose a standard and attack-agnostic method based on cascaded self-supervised learning models to purify the adversarial perturbations. Experimental results demonstrate that the proposed method achieves effective defense performance and can successfully counter adversarial attacks.
  arXiv  Detail & Related papers  (2021-02-14T01:56:43Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.