Autonomous Network Defence Using Multi-Agent Reinforcement Learning and Self-Play

Author

Roberto G. Campbell, San Jose State UniversityFollow

Publication Date

Spring 2022

Degree Type

Thesis

Degree Name

Master of Science (MS)

Department

Computer Engineering

Advisor

Magdalini Eirinaki

Subject Areas

Computer engineering

Abstract

Early threat detection is an increasing part of the cybersecurity landscape, given the growing scale and scope of cyberattacks in the recent years. Increasing exploitation of software vulnerabilities, especially in the manufacturing sector, demonstrates the ongoing need for autonomous network defence. In this work, we model the problem as a zero-sum Markov game between an attacker and defender reinforcement learning agents. Previous methods test their approach on a single topology or limit the agents to a subset of the network. However, real world networks are rarely fixed and often add or remove hosts based on demand, link failures, outages, or other factors. We do not confine our research to a fixed network in terms of size and topology, but instead are interested in larger networks and varied topologies to determine the scalability and robustness of the approach. We consider additional topologies and a robust training curriculum that incorporates network topologies to build more general, capable agents. We also use PPO which offers a good balance of computational complexity and convergence speed.

Recommended Citation

Campbell, Roberto G., "Autonomous Network Defence Using Multi-Agent Reinforcement Learning and Self-Play" (2022). Master's Theses. 5253.
DOI: https://doi.org/10.31979/etd.8pey-takb
https://scholarworks.sjsu.edu/etd_theses/5253