KEYWORDS: Network security, Machine learning, Defense and security, Computer networks, Monte Carlo methods, Inspection, Data modeling, Windows, Transformers
In this work, we demonstrate the potential of dynamic reinforcement learning (RL) methods to revolutionize cybersecurity. The RL framework we develop is shown to be capable of shutting down an aggressive botnet, which initially uses spear phishing to establish itself in a Department of Defense (DoD) network. To ensure a suitable real-time response, we employ CP, a transformer model trained for network anomaly detection, to factorize the state space accessible to our RL agent. As the fidelity of our cyber scenario is of the utmost importance for meaningful RL training, we leverage the CyberVAN emulation environment to model an appropriate DoD enterprise network to attack and defend. Our work represents an important step towards harnessing the power of RL to automate general and fully-realistic Defensive Cyber Operations (DCOs).
Artificial intelligence (AI) is quickly gaining relevance as a transformative technology. Its ability to rapidly fuse and synthesize data, accelerate processes, automate tasks, and augment decision-making has the potential to revolutionize multi-domain warfighting through data-centric operations and algorithmic warfare. As the military relies more on AI-enabled Decision Aids to increase the efficiency and effectiveness of decision-making, it highlights the need to effectively assess them before deployment. Modeling and simulation (M&S) environments are essential for assessing these rapidly evolving AI-enabled systems. Accepted analytical frameworks are needed to guide ways to represent and model AI sufficiently within M&S environments for accurate assessment. In this paper, we identify common characteristics within the main categories of AI and investigate how those characteristics can be best represented across the main categories of M&S. We provide two use cases to highlight an assessment of AI-enabled Decision Aids for cybersecurity and aeromedical evacuation problems. Our example use cases demonstrate how to leverage a framework for analytic assessment of AI within M&S environments.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.