A curated list of resources dedicated to reinforcement learning applied to cyber security. Note that the list includes only work that uses reinforcement learning, general machine learning methods applied to cyber security are not included in this list.
For other related curated lists, see :
We are looking for more contributors and maintainers! Contact [email protected] if you are interested to become a maintainer.
Maintainers/Contributors:
- Kim Hammar, KTH Royal Institute of Techhology, Sweden.
- Lisa Oakley, Northeastern University, USA.
- Manuel Del Verme, Quebec Artificial Intelligence Institute, Canada.
- Pontus Johnson, KTH Royal Institute of Techhology, Sweden.
- Jakob Nyberg, KTH Royal Institute of Techhology, Sweden.
- Simon Gökstorp, KTH Royal Institute of Techhology, Sweden.
- Fabio Massimo Zennaro, University of Oslo, Norway.
↑ Environments
|
gym-idsgame
|
|
CyberBattleSim
|
|
gym-malware
|
|
|
malware-rl
|
|
gym-flipit
|
|
gym-threat-defense
|
|
gym-nasim |
|
gym-optimal-intrusion-response
|
|
sql_env |
|
cage-challenge-1
|
cage-challenge-2
|
|
ATMoS |
|
MAB-malware |
↑ Papers
- (2022) Research and Challenges of Reinforcement Learning in Cyber Defense Decision-Making for Intranet Security
- (2021) Reinforcement Learning for Feedback-Enabled Cyber Resilience
- (2021) Prospective Artificial Intelligence Approaches for Active Cyber Defence
- (2019) Deep Reinforcement Learning for Cyber Security
- (2022) Multiple Domain Cyberspace Attack and Defense Game Based on Reward Randomization Reinforcement Learning
- (2022) Intrusion Prevention through Optimal Stopping
- (2022) Learning to Play an Adaptive Cyber Deception Game
- (2022) Neural Fictitious Self-Play for Radar Anti-Jamming Dynamic Game with Imperfect Information
- (2022) A Reinforcement Learning Approach for Defending Against Multi-Scenario Load Redistribution Attacks
- (2022) A Proactive Eavesdropping Game in MIMO systems Based on Multi-Agent Deep Reinforcement Learning
- (2022) FEAR: Federated Cyber-Attack Reaction in Distributed Software-Defined Networks with Deep Q-Network
- (2022) EvadeRL: Evading PDF Malware Classifiers with Deep Reinforcement Learning
- (2022) Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning
- (2022) MERLIN - Malware Evasion with Reinforcement LearnINg
- (2022) DeepAir: Deep Reinforcement Learning for Adaptive Intrusion Response in Software-Defined Networks
- (2022) DroidRL: Reinforcement Learning Driven Feature Selection for Android Malware Detection
- (2022) MAB-Malware: A Reinforcement Learning Framework for Attacking Static Malware Classifiers
- (2022) Behaviour-Diverse Automatic Penetration Testing: A Curiosity-Driven Multi-Objective Deep Reinforcement Learning Approach
- (2022) Safe Exploration in Wireless Security: A Safe Reinforcement Learning Algorithm with Hierarchical Structure
- (2022) Discovering Exfiltration Paths Using Reinforcement Learning with Attack Graphs
- (2022) Multi-Agent Reinforcement Learning for Decentralized Resilient Secondary Control of Energy Storage Systems against DoS Attacks
- (2021) Network Resilience Under Epidemic Attacks: Deep Reinforcement Learning Network Topology Adaptations
- (2021) An Intrusion Response Approach for Elastic Applications Based on Reinforcement Learning
- (2021) Reinforcement Learning-assisted Threshold Optimization for Dynamic Honeypot Adaptation to Enhance IoBT Networks Security
- (2021) Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing
- (2021) SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Reinforcement Learning
- (2021) Reinforcement Learning for the Problem of Detecting Intrusion in a Computer System
- (2021) Timing Strategy for Active Detection of APT Attack Based on FlipIt Model and Q-learning Method
- (2021) Collaborative Multi-agent Reinforcement Learning for Intrusion Detection
- (2021) ATMoS+: Generalizable Threat Mitigation in SDN Using Permutation Equivariant and Invariant Deep Reinforcement Learning
- (2021) Network Security Defense Decision-Making Method Based on Stochastic Game and Deep Reinforcement Learning
- (2021) Solving Large-Scale Extensive-Form Network Security Games via Neural Fictitious Self-Play
- (2021) An Efficient Parallel Reinforcement Learning Approach to Cross-Layer Defense Mechanism in Industrial Control Systems
- (2021) SDN-based Moving Target Defense using Multi-agent Reinforcement Learning
- (2021) Reinforcement Learning for Industrial Control Network Cyber Security Orchestration
- (2021) Automating Privilege Escalation with Deep Reinforcement Learning
- (2021) Multi-Agent Reinforcement Learning Framework in SDN-IoT for Transient Load Detection and Prevention
- (2021) Crown Jewels Analysis using Reinforcement Learning with Attack Graphs
- (2021) Deep Q-Learning based Reinforcement Learning Approach for Network Intrusion Detection
- (2021) Deep-Reinforcement-Learning-Based Intrusion Detection in Aerial Computing Networks
- (2021) Deep Reinforcement Learning for Securing Software Defined Industrial Networks with Distributed Control Plane
- (2021) Autonomous network cyber offence strategy through deep reinforcement learning
- (2021) CyGIL: A Cyber Gym for Training Autonomous Agents over Emulated Network Systems
- (2021) Constraints Satisfiability Driven Reinforcement Learning for Autonomous Cyber Defense
- (2021) Catch Me If You Learn: Real-Time Attack Detection and Mitigation in Learning Enabled CPS
- (2021) Network Environment Design for Autonomous Cyberdefense
- (2021) CybORG: A Gym for the Development of Autonomous Cyber Agents
- (2021) SQL Injections and Reinforcement Learning: An Empirical Evaluation of the Role of Action Structure
- (2021) Towards Autonomous Defense of SDN Networks Using MuZero Based Intelligent Agent
- (2021) Defense Against Advanced Persistent Threats in Smart Grids: A Reinforcement Learning Approach
- (2021) Deep hierarchical reinforcement agents for automated penetration testing
- (2021) Adversarial Attack and Defense on Graph-based IoT Botnet Detection Approach
- (2021) Simulating a Logistics Enterprise Using an Asymmetrical Wargame Simulation with Soar Reinforcement Learning and Coevolutionary Algorithms
- (2021) Deep Reinforcement Learning for Mitigating Cyber-Physical DER Voltage Unbalance Attacks
- (2021) Mixed Initiative Balance of Human-Swarm Teaming in Surveillance via Reinforcement learning
- (2021) Proximal Policy Based Deep Reinforcement Learning Approach for Swarm Robots
- (2021) Using Deep Reinforcement Learning to Evade Web Application Firewalls
- (2021) Sequential Node Attack of Complex Networks based on Q-learning Method
- (2021) Learning Intrusion Prevention Policies through Optimal Stopping
- (2021) Using Cyber Terrain in Reinforcement Learning for Penetration Testing
- (2021) Reinforcement learning based self-adaptive moving target defense against DDoS attacks
- (2021) Modeling, Detecting, and Mitigating Threats Against Industrial Healthcare Systems: A Combined Software Defined Networking and Reinforcement Learning Approach
- (2021) DESOLATER: Deep Reinforcement Learning-Based Resource Allocation and Moving Target Defense Deployment Framework
- (2021) RAIDER: Reinforcement-aided Spear Phishing Detector
- (2021) DDoS Mitigation Based on Space-Time Flow Regularities in IoV: A Feature Adaption Reinforcement Learning Approach
- (2021) Power system structure optimization based on reinforcement learning and sparse constraints under DoS attacks in cloud environments
- (2021) Network Abnormal Traffic Detection Model Based on Semi-Supervised Deep Reinforcement Learning
- (2021) An adaptive honeypot using Q-Learning with severity analyzer
- (2021) Game-Theoretic Actor–Critic-Based Intrusion Response Scheme (GTAC-IRS) for Wireless SDN-Based IoT Networks
- (2021) A Reinforcement Learning Approach for Dynamic Information Flow Tracking Games for Detecting Advanced Persistent Threats
- (2021) Deep Reinforcement Learning for Backup Strategies against Adversaries
- (2021) A Secure Learning Control Strategy via Dynamic Camouflaging for Unknown Dynamical Systems under Attacks
- (2020) Per-Host DDoS Mitigation by Direct-Control Reinforcement Learning
- (2020) Game Theory and Reinforcement Learning Based Secure Edge Caching in Mobile Social Networks
- (2020) A New Black Box Attack Generating Adversarial Examples Based on Reinforcement Learning
- (2020) Deep Reinforcement Adversarial Learning Against Botnet Evasion Attacks
- (2020) Deep Reinforcement Learning for Adaptive Cyber Defense and Attacker’s Pattern Identification
- (2020) Reinforcement Learning Based Approach for Flip Attack Detection
- (2020) Reinforcement Learning in FlipIt
- (2020) CPSS LR-DDoS Detection and Defense in Edge Computing Utilizing DCNN Q-Learning
- (2020) Multi-agent Reinforcement Learning in Bayesian Stackelberg Markov Games for Adaptive Moving Target Defense
- (2020) An Intelligent Deployment Policy for Deception Resources Based on Reinforcement Learning
- (2020) Defense Against Advanced Persistent Threats: Optimal Network Security Hardening Using Multi-stage Maze Network Game
- (2020) Automated Adversary Emulation for Cyber-Physical Systems via Reinforcement Learning
- (2020) DRL-FAS: A Novel Framework Based on Deep Reinforcement Learning for Face Anti-Spoofing
- (2020) Q-Bully: A Reinforcement Learning based Cyberbullying Detection Framework
- (2020) Application-Layer DDoS Defense with Reinforcement Learning
- (2020) DQ-MOTAG: Deep Reinforcement Learning-based Moving Target Defense Against DDoS Attacks
- (2020) A Hybrid Game Theory and Reinforcement Learning Approach for Cyber-Physical Systems Security
- (2020) Machine Learning Cyberattack and Defense Strategies
- (2020) Automated Post-Breach Penetration Testing through Reinforcement Learning
- (2020) DeepBLOC: A Framework for Securing CPS through Deep Reinforcement Learning on Stochastic Games
- (2020) Deep Reinforcement Learning for DER Cyber-Attack Mitigation
- (2020) Adaptive Cyber Defense Against Multi-Stage Attacks Using Learning-Based POMDP
- (2020) Using Knowledge Graphs and Reinforcement Learning for Malware Analysis
- (2020) Autonomous Security Analysis and Penetration Testing
- (2020) POMDP + Information-Decay: Incorporating Defender's Behaviour in Autonomous Penetration Testing
- (2020) ATMoS: Autonomous Threat Mitigation in SDN using Reinforcement Learning
- (2020) Modeling Penetration Testing with Reinforcement Learning Using Capture-the-Flag Challenges: Trade-offs between Model-free Learning and A Priori Knowledge
- (2020) Finding Effective Security Strategies through Reinforcement Learning and Self-Play
- (2020) AFRL: Adaptive federated reinforcement learning for intelligent jamming defense in FANET
- (2020) Reinforcement Learning for Efficient Network Penetration Testing
- (2020) The Agent Web Model -- Modelling web hacking for reinforcement learning
- (2020) Stochastic Dynamic Information Flow Tracking Game using Supervised Learning for Detecting Advanced Persistent Threats
- (2020) Reinforcement Learning Based PHY Authentication for VANETs
- (2020) Deep Reinforcement Learning for Cybersecurity Assessment of Wind Integrated Power Systems
- (2020) Smart Security Audit: Reinforcement Learning with a Deep Neural Network Approximator
- (2020) Quickest Detection of Advanced Persistent Threats: A Semi-Markov Game Approach
- (2020) Distributed Reinforcement Learning for Cyber-Physical System With Multiple Remote State Estimation Under DoS Attacker
- (2020) Secure Crowdsensing in 5G Internet of Vehicles: When Deep Reinforcement Learning Meets Blockchain
- (2020) Deep Reinforcement Learning based Intrusion Detection System for Cloud Infrastructure
- (2020) Application of deep reinforcement learning to intrusion detection for supervised problems
- (2019) Deep Q-Learning and Particle Swarm Optimization for Bot Detection in Online Social Networks
- (2019) Finding Needles in a Moving Haystack: Prioritizing Alerts with Adversarial Reinforcement Learning
- (2019) Evaluation of Reinforcement Learning-Based False Data Injection Attack to Automatic Voltage Control
- (2019) Study of Learning of Power Grid Defense Strategy in Adversarial Stage Game
- (2019) Learning to Cope with Adversarial Attacks
- (2019) Learning Distributed Cooperative Policies for Security Games via Deep Reinforcement Learning
- (2019) An Efficient Reinforcement Learning-Based Botnet Detection approach
- (2019) Strategic Learning for Active, Adaptive, and Autonomous Cyber Defense
- (2019) QFlip: An Adaptive Reinforcement Learning Strategy for the FlipIt Security Game
- (2019) Solving Cyber Alert Allocation Markov Games with Deep Reinforcement Learning
- (2019) Adaptive Honeypot Engagement Through Reinforcement Learning of Semi-Markov Decision Processes
- (2019) Detecting Phishing Websites through Deep Reinforcement Learning
- (2019) Adversarial Deep Reinforcement Learning based Adaptive Moving Target Defense
- (2019) Autonomous Penetration Testing using Reinforcement Learning
- (2019) A Multistage Game in Smart Grid Security: A Reinforcement Learning Solution
- (2019) Automating Penetration Testing using Reinforcement Learning
- (2019) Reinforcement Learning-Based DoS Mitigation in Software Defined Networks
- (2019) Adversarial attack and defense in reinforcement learning-from AI security view
- (2019) A Learning-Based Solution for an Adversarial Repeated Game in Cyber–Physical Power Systems
- (2019) Empowering Reinforcement Learning on Big Sensed Data for Intrusion Detection
- (2019) Cyber-Attack Recovery Strategy for Smart Grid Based on Deep Reinforcement Learning
- (2019) Deep Reinforcement Learning for Partially Observable Data Poisoning Attack in Crowdsensing Systems
- (2018) Simulating SQL Injection Vulnerability Exploitation Using Q-Learning Reinforcement Learning Agents
- (2018) Security in Mobile Edge Caching with Reinforcement Learning
- (2018) Detection of online phishing email using dynamic evolving neural network based on reinforcement learning
- (2018) A reinforcement learning approach for attack graph analysis
- (2018) Reinforcement Learning for Autonomous Defence in Software-Defined Networking
- (2018) Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning
- (2018) Autonomic Computer Network Defence Using Risk State and Reinforcement Learning
- (2018) Reinforcement Learning for Intelligent Penetration Testing
- (2018) Autonomous Intelligent Cyber-defense Agent (AICA) Reference Architecture
- (2018) Deep reinforecement learning based optimal defense for cyber-physical system in presence of unknown cyber-attack
- (2018) Adversarial Reinforcement Learning for Observer Design in Autonomous Systems under Cyber Attacks
- (2018) Machine learning for autonomous cyber defense
- (2018) Online Cyber-Attack Detection in Smart Grid: A Reinforcement Learning Approach
- (2018) Deep Reinforcement Learning based Smart Mitigation of DDoS Flooding in Software-Defined Networks
- (2018) UAV Relay in VANETs Against Smart Jamming With Reinforcement Learning
- (2018) A Game-Theoretical Approach to Cyber-Security of Critical Infrastructures Based on Multi-Agent Reinforcement Learning
- (2018) Security in Mobile Edge Caching with Reinforcement Learning
- (2018) Robotics CTF (RCTF), a playground for robot hacking
- (2018) An IRL Approach for Cyber-Physical Attack Intention Prediction and Recovery
- (2018) QRASSH - A Self-Adaptive SSH Honeypot Driven by Q-Learning
- (2018) Using Reinforcement Learning to Conceal Honeypot Functionality
- (2018) Improving adaptive honeypot functionality with efficient reinforcement learning parameters for automated malware
- (2018) Enhancing Machine Learning Based Malware Detection Model by Reinforcement Learning
- (2017) Network Defense Strategy Selection with Reinforcement Learning and Pareto Optimization
- (2017) Adversarial Reinforcement Learning in a Cyber Security Simulation
- (2017) Detecting Stealthy Botnets in a Resource-Constrained Environment using Reinforcement Learning
- (2017) Q-learning Based Vulnerability Analysis of Smart Grid against Sequential Topology Attacks
- (2017) Multi-agent Reinforcement Learning Based Cognitive Anti-jamming
- (2017) Reinforcement Learning Based Mobile Offloading for Cloud-Based Malware Detection
- (2017) A Secure Mobile Crowdsensing Game With Deep Reinforcement Learning
- (2017) Online Algorithms for Adaptive Cyber Defense on Bayesian Attack Graphs
- (2016) Markov Security Games: Learning in Spatial Security Problems
- (2016) Dynamic Scheduling of Cybersecurity Analysts for Minimizing Risk Using Reinforcement Learning
- (2016) Balancing Security and Performance for Agility in Dynamic Threat Environments
- (2016) Reinforcement Learning Based Anti-jamming with Wideband Autonomous Cognitive Radios
- (2016) PHY-Layer Spoofing Detection With Reinforcement Learning in Wireless Networks
- (2015) Application of reinforcement learning for security enhancement incognitive radio networks
- (2015) Power control with reinforcement learning in cooperative cognitive radio networks against jamming
- (2015) Game Theory with Learning for Cyber Security Monitoring
- (2015) Spoofing Detection with Reinforcement Learning in Wireless Networks
- (2015) Mobile Cloud Offloading for Malware Detections with Learning
- (2014) Reinforcement Learning Algorithms for Adaptive Cyber Defense against Heartbleed
- (2014) Cooperative game theoretic approach using fuzzy Q-learning for detecting and preventing intrusions in wireless sensor networks
- (2014) Q-Learning: From Computer Network Security to Software Security
- (2013) Multiagent Router Throttling: Decentralized Coordinated Response Against DDoS Attacks
- (2013) Hybrid Learning in Stochastic Games and Its Application in Network Security
- (2013) Competing Mobile Network Game: Embracing Antijamming and Jamming Strategies with Reinforcement Learning
- (2012) Intrusion Detection System using Log Files and Reinforcement Learning
- (2012) Anti-jamming in Cognitive Radio Networks Using Reinforcement Learning Algorithms
- (2011) An Anti-jamming Strategy for Channel Access in Cognitive Radio Networks
- (2011) Distributed strategic learning with application to network security
- (2010) Dynamic policy-based IDS configuration
- (2008) Reinforcement Learning for Vulnerability Assessment in Peer-to-Peer Networks
- (2007) Defending DDoS Attacks Using Hidden Markov Models and Cooperative Reinforcement Learning
- (2006) An intrusion detection game with limited observations
- (2005) A Reinforcement Learning Approach for Host-Based Intrusion Detection Using Sequences of System Calls
- (2005) Multi-agent reinforcement learning for intrusion detection
- (2000) Next Generation Intrusion Detection: Autonomous Reinforcement Learning of Network Attacks
- (2014) Distributed Reinforcement Learning for Network Intrusion Response
- (2009) Multi-Agent Reinforcement Learning for Intrusion Detection
- (2022) Reinforcement Learning-aided Dynamic Analysis of Evasive Malware
- (2021) Intrusion Detection Based on Reinforcement Learning
- (2021) Bayesian Reinforcement Learning Methods for Network Intrusion Prevention
- (2019) Learning to Hack
- (2018) Analysis of Network Intrusion Detection System with Machine Learning Algorithms (Deep Reinforcement Learning Algorithm)
- (2022) Autonomous Network Defence using Reinforcement Learning
- (2022) Intrusion Prevention through Optimal Stopping
- (2022) Intrusion Prevention through Optimal Stopping
- (2021) Learning Intrusion Prevention Policies through Optimal Stopping
↑ Books
- (2021) Game Theory and Machine Learning for Cyber Security (Chapter 5 on RL)
- (2019) Reinforcement Learning for Cyber-Physical Systems with Cybersecurity Case Studies
↑ Blogposts
- (2021) Gamifying machine learning for stronger security and AI models
- (2021) Automating Cyber-Security With Reinforcement Learning
- (2021) Towards a method for computing effective intrusion prevention policies using reinforcement learning
↑ Talks
- (2022) Reinforcement Learning for Complex Security Games and Beyond
- (2022) NOMS22 Demo - A System for Interactive Examination of Learned Security Policies - Hammar & Stadler
- (2022) Reinforcement Learning Applications: Cyber Security
- (2021) Deep hierarchical reinforcement agents for automated penetration testing
- (2021) CyGIL: A Cyber Gym for Training Autonomous Agents over Emulated Network Systems
- (2021) Simulating a Logistics Enterprise Using an Asymmetrical Wargame Simulation with Soar Reinforcement Learning and Coevolutionary Algorithms
- (2021) Incorporating Deception into CyberBattleSim for Autonomous Defense
- (2021) CybORG: A Gym for the Development of Autonomous Cyber Agents
- (2021) Defending the Cyber Front with AI - CyCon 2021
- (2021) Informing Autonomous Deception Systems with Cyber Expert Performance Data
- (2021) ACD 2021 Keynote - Prof. George Cybenko - Attrition in Adaptive Cyber Defense
- (2021) Reinforcement learning approaches on intusion detection
- (2021) Applying Deep Reinforcement Learning (DRL) in a Cyber Wargaming Engine
- (2021) Automated Penetration Testing using Reinforcement Learning
- (2021) Training an Autonomous Pentester with Deep RL
- (2021) Learning Intrusion Prevention Policies Through Optimal Stopping
- (2020) Finding Effective Security Strategies through Reinforcement Learning and Self-Play
- (2020) Autonomous Security Analysis and Penetration Testing: A reinforcement learning approach.
- (2019) Cost-Efficient Malware Detection Using Deep Reinforcement Learning
- (2019) Trying to Make Meterpreter into an Adversarial Example
- (2019) A Reinforcement Learning Framework for Smart, Secure, and Efficient Cyber-Physical Autonomy
- (2019) Adaptive Honeypot Engagement through Reinforcement Learning of Semi-Markov Decision Processes
- (2018) Autonomous Cyber Defense: AI and the Immune System Approach
- (2018) Bonware to the Rescue: the Future Autonomous Cyber Defense Agents | Dr Alexander Kott | CAMLIS 2018
↑ Miscellaneous
- (2022) ICML Workshop on Machine Learning for Cybersecurity
- (2022) AAAI Workshop on Artificial Intelligence for Cyber Security (AICS)
- (2021) IJCAI First International Workshop on Adaptive Cyber Defense
- (2021) Self-Learning AI
- (2021) AI/ML for Cybersecurity: Challenges, Solutions, and Novel Ideas at SIAM Data Mining 2021
- (2020) Self-Learning Systems for Cyber Defense
Contribution are very welcome and will be accepted on a regular basis! Please use Github issues and pull requests.
Creative Commons
(C) 2022