Skip to main content
Springer Nature Link
Log in

CO-DECYBER: Co-operative Decision Making for Cybersecurity Using Deep Multi-agent Reinforcement Learning

  • Conference paper
  • First Online:
Computer Security. ESORICS 2023 International Workshops (ESORICS 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14399))

Included in the following conference series:

  • 859 Accesses

Abstract

Autonomous decision making for cyber-defence in operational situations is desirable but challenging. This is due to the nature of operational technology (because of its cyber-physical nature) as well as the need to account for multiple contexts. Our contribution is the creation of a co-operative decision-making framework to enable autonomous cyber-defence (which we call Co-Decyber). This framework allows us to break up a big multi-contextual action space into smaller decisions that multiple agents can optimize between. We apply this framework to an autonomous vehicle platooning scenario. Results show that Co-Decyber agents are outperforming random reference agents in the cyber-attack scenarios we have tested. We aim to extend this work with more complex attack scenarios, along with training more agents to defend more of the attack surface. We conclude that this framework when mature will contribute to the goal of providing autonomous cyber-defence for operational technology.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Dhir, N., Hoeltgebaum, H., Adams, N., Briers, M., Burke, A., Jones, P.: Prospective artificial intelligence approaches for active cyber defence (2021). https://arxiv.org/pdf/2104.09981.pdf

  2. Vyas, S., Hannay, J., Bolton, A., Burnap, P.P.: Automated cyber defence: a review (2023). arXiv preprint arXiv:2303.04926

  3. Bridges, R.A., et al.: Testing SOAR tools in use. Comput. Secur. 129, 103201 (2023)

    Article  Google Scholar 

  4. Jhawar, R., Mauw, S., Zakiuddin, I.: Automating cyber defence responses using attack-defence trees and game theory. In: European Conference on Cyber Warfare and Security, p. 163. Academic Conferences International Limited (2016)

    Google Scholar 

  5. Kordy, B., Mauw, S., Melissen, M., Schweitzer, P.: Attack–defense trees and two-player binary zero-sum extensive form games are equivalent. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds) Decision and Game Theory for Security. GameSec 2010. Lecture Notes in Computer Science, vol. 6442. Springer, Berlin, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17197-0_17

  6. Eom, T., Hong, J.B., An, S., Park, J.S., Kim, D.S.: A framework for real-time intrusion response in software defined networking using precomputed graphical security models. Secur. Commun. Networks 2020, 1–15 (2020)

    Article  Google Scholar 

  7. Nguyen, T.T., Reddi, V.J.: Deep reinforcement learning for cyber security. IEEE Transactions on Neural Networks and Learning Systems 34, 1–17 (2021)

    Google Scholar 

  8. Object Management Group: About the DDS security specification version 1.1 (2018). https://www.omg.org/spec/DDS-SECURITY/

  9. Chowdhary, A., Huang, D., Sabur, A., Vadnere, N., Kang, M., Montrose, B.: SDN-based moving target defense using multi-agent reinforcement learning. In: Proceedings of the first International Conference on Autonomous Intelligent Cyber defense Agents, p. 15. Paris, France (2021)

    Google Scholar 

  10. Yao, Q., Wang, Y., Xiong, X., Wang, P., Li, Y.: Adversarial decision-making for moving target defense: a multi-agent Markov game and reinforcement learning approach. Entropy 25(4), 605 (2023)

    Article  Google Scholar 

  11. Kordy, B., Piètre-Cambacédès, L., Schweitzer, P.: DAG-based attack and defense modeling: don’t miss the forest for the attack trees. Comput. Sci. Rev. 13, 1–38 (2014)

    Article  Google Scholar 

  12. Soviany, P., Ionescu, R.T., Rota, P., Sebe, N.: Curriculum learning: a survey. Int. J. Comput. Vision 130(6), 1526–1565 (2022)

    Article  Google Scholar 

  13. Jeon, J., Kim, W., Jung, W., Sung, Y.: Maser: Multi-agent reinforcement learning with subgoals generated from experience replay buffer. In International Conference on Machine Learning, pp. 10041–10052. PMLR (2022)

    Google Scholar 

  14. Brockman, G., et al.: Openai gym. arXiv Preprint arXiv:1606.01540 (2016)

  15. Terry, J., et al.: Pettingzoo: gym for multi-agent reinforcement learning. In: Advances in Neural Information Processing Systems, vol. 34, pp. 15032–15043 (2021)

    Google Scholar 

Download references

Acknowledgements

This research is funded by Frazer-Nash Consultancy Ltd. on behalf of the Defence Science and Technology Laboratory (Dstl), an executive agency of the UK Ministry of Defence. The research forms part of the Autonomous Resilient Cyber Defence (ARCD) project within the Dstl Cyber Defence Enhancement programme.

Author information

Authors and Affiliations

  1. Cambridge Consultants, 29 Cambridge Science Park, Milton Road, Cambridge, CB4 0DW, UK

    Madeline Cheah, Jack Stone, Peter Haubrick, Samuel Bailey, David Rimmer, Demian Till, Matt Lacey, Jo Kruczynska & Mark Dorn

Authors
  1. Madeline Cheah
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jack Stone
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Peter Haubrick
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Samuel Bailey
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. David Rimmer
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Demian Till
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Matt Lacey
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Jo Kruczynska
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Mark Dorn
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Madeline Cheah .

Editor information

Editors and Affiliations

  1. Norwegian University of Science and Technology, Gjøvik, Norway

    Sokratis Katsikas

  2. Norwegian Computing Center, Oslo, Norway

    Habtamu Abie

  3. University of Trento, Trento, Italy

    Silvio Ranise

  4. University of Genoa, Genoa, Italy

    Luca Verderame

  5. Consiglio Nazionale delle Ricerche (CNR), Genoa, Italy

    Enrico Cambiaso

  6. SINTEF A.S., Oslo, Norway

    Rita Ugarelli

  7. Instituto Superior de Engenharia do Porto, Porto, Portugal

    Isabel Praça

  8. Hong Kong Polytechnic University, Hong Kong, China

    Wenjuan Li

  9. Technical University of Denmark, Kongens Lyngby, Denmark

    Weizhi Meng

  10. University of Nottingham, Nottingham, UK

    Steven Furnell

  11. Norwegian University of Science and Technology, Gjøvik, Norway

    Basel Katt

  12. Norwegian Computing Center, Oslo, Norway

    Sandeep Pirbhulal

  13. Institute for Energy Technology (IFE), Halden, Norway

    Ankur Shukla

  14. University of Calabria, Rende, Italy

    Michele Ianni

  15. University of Verona, Verona, Italy

    Mila Dalla Preda

  16. The University of Texas at San Antonio, San Antonio, TX, USA

    Kim-Kwang Raymond Choo

  17. University of Lisbon, Lisbon, Portugal

    Miguel Pupo Correia

  18. University of Twente, Enschede, The Netherlands

    Abhishta Abhishta

  19. University of Amsterdam, Amsterdam, The Netherlands

    Giovanni Sileno

  20. Open University in the Netherlands, Heerlen, The Netherlands

    Mina Alishahi

  21. Robert Gordon University, Aberdeen, UK

    Harsha Kalutarage

  22. Osaka University, Osaka, Japan

    Naoto Yanai

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cheah, M. et al. (2024). CO-DECYBER: Co-operative Decision Making for Cybersecurity Using Deep Multi-agent Reinforcement Learning. In: Katsikas, S., et al. Computer Security. ESORICS 2023 International Workshops. ESORICS 2023. Lecture Notes in Computer Science, vol 14399. Springer, Cham. https://doi.org/10.1007/978-3-031-54129-2_37

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-54129-2_37

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-54128-5

  • Online ISBN: 978-3-031-54129-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics