kth.sePublications
System disruptions
We are currently experiencing disruptions on the search portals due to high traffic. We are working to resolve the issue, you may temporarily encounter an error message.
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Learning Intrusion Prevention Policies through Optimal Stopping
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering. (KTH Ctr Cyber Def & Informat Secur, Stockholm, Sweden.)ORCID iD: 0000-0003-1773-8354
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering. (KTH Ctr Cyber Def & Informat Secur, Stockholm, Sweden.)ORCID iD: 0000-0001-6039-8493
2021 (English)In: Proceedings Of The 2021 17Th International Conference On Network And Service Management (CNSM 2021): Smart Management For Future Networks And Services / [ed] Chemouil, P Ulema, M Clayman, S Sayit, M Cetinkaya, C Secci, S, IEEE, 2021, p. 509-517Conference paper, Published paper (Refereed)
Abstract [en]

We study automated intrusion prevention using reinforcement learning. In a novel approach, we formulate the problem of intrusion prevention as an optimal stopping problem. This formulation allows us insight into the structure of the optimal policies, which turn out to be threshold based. Since the computation of the optimal defender policy using dynamic programming is not feasible for practical cases, we approximate the optimal policy through reinforcement learning in a simulation environment. To define the dynamics of the simulation, we emulate the target infrastructure and collect measurements. Our evaluations show that the learned policies are close to optimal and that they indeed can be expressed using thresholds.
Place, publisher, year, edition, pages
IEEE, 2021. p. 509-517
Series
International Conference on Network and Service Management, ISSN 2165-9605
Keywords [en]
Network Security, automation, optimal stopping, reinforcement learning, Markov Decision Processes
National Category
Computer Sciences Probability Theory and Statistics Reliability and Maintenance
Identifiers
URN: urn:nbn:se:kth:diva-316712DOI: 10.23919/CNSM52442.2021.9615542ISI: 000836226700080Scopus ID: 2-s2.0-85123452404OAI: oai:DiVA.org:kth-316712DiVA, id: diva2:1691534
Conference
17th International Conference on Network and Service Management (CNSM) - Smart Management for Future Networks and Services, OCT 25-29, 2021, ELECTR NETWORK
Note

Part of proceedings: ISBN 978-3-903176-36-2, QC 20220830

Available from: 2022-08-30 Created: 2022-08-30 Last updated: 2022-08-31Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Hammar, KimStadler, Rolf

Search in DiVA

By author/editor
Hammar, KimStadler, Rolf
By organisation
Network and Systems Engineering
Computer SciencesProbability Theory and StatisticsReliability and Maintenance

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 89 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.45.0
|
WCAG
|
KTH Library
|
DiVA support
|
Register in DiVA
|
Posting your thesis
|
SwePub