U.S. Department of Energy
Office of Scientific and Technical Information

Reinforcement Learning for feedback-enabled cyber resilience

Journal Article · Annual Reviews in Control
 [1];  [2];  [2]
  1. New York University (NYU), NY (United States); OSTI
  2. New York University (NYU), NY (United States)

The rapid growth in the number of devices and their connectivity has enlarged the attack surface and made cyber systems more vulnerable. As attackers become increasingly sophisticated and resourceful, mere reliance on traditional cyber protection, such as intrusion detection, firewalls, and encryption, is insufficient to secure the cyber systems. Cyber resilience provides a new security paradigm that complements inadequate protection with resilience mechanisms. A Cyber-Resilient Mechanism (CRM) adapts to the known or zero-day threats and uncertainties in real-time and strategically responds to them to maintain the critical functions of the cyber systems in the event of successful attacks. Feedback architectures play a pivotal role in enabling the online sensing, reasoning, and actuation process of the CRM. Reinforcement Learning (RL) is an important gathering of algorithms that epitomize the feedback architectures for cyber resilience. It allows the CRM to provide dynamic and sequential responses to attacks with limited or without prior knowledge of the environment and the attacker. In this work, we review the literature on RL for cyber resilience and discuss the cyber-resilient defenses against three major types of vulnerabilities, i.e., posture-related, information-related, and human-related vulnerabilities. Here we introduce moving target defense, defensive cyber deception, and assistive human security technologies as three application domains of CRMs to elaborate on their designs. The RL algorithms also have vulnerabilities themselves. We explain the major vulnerabilities of RL and present several attack models where the attacker targets the information exchanged between the environment and the agent: the rewards, the state observations, and the action commands. We show that the attacker can trick the RL agent into learning a nefarious policy with minimum attacking effort.
The paper introduces several defense methods to secure the RL-enabled systems from these attacks. However, there is still a lack of works that focus on the defensive mechanisms for RL-enabled systems. Last but not least, we discuss the future challenges of RL for cyber security and resilience and emerging applications of RL-based CRMs.

Research Organization:
The Ohio State University, Columbus, OH (United States); New York University (NYU), NY (United States)
Sponsoring Organization:
USDOE Office of Nuclear Energy (NE); National Science Foundation (NSF); Army Research Office (ARO)
Grant/Contract Number:
NE0008986
OSTI ID:
1976876
Journal Information:
Annual Reviews in Control, Vol. 53, Issue C; ISSN 1367-5788
Publisher:
International Federation of Automatic Control - Elsevier
Country of Publication:
United States
Language:
English
