Saved in:
Bibliographic Details
Main Authors: Hammar, Kim, Stadler, Rolf
Format: Preprint
Published: 2022
Subjects:
Online Access:https://arxiv.org/abs/2204.01126
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866929321128493056
author Hammar, Kim
Stadler, Rolf
author_facet Hammar, Kim
Stadler, Rolf
contents We present a system for interactive examination of learned security policies. It allows a user to traverse episodes of Markov decision processes in a controlled manner and to track the actions triggered by security policies. Similar to a software debugger, a user can continue or or halt an episode at any time step and inspect parameters and probability distributions of interest. The system enables insight into the structure of a given policy and in the behavior of a policy in edge cases. We demonstrate the system with a network intrusion use case. We examine the evolution of an IT infrastructure's state and the actions prescribed by security policies while an attack occurs. The policies for the demonstration have been obtained through a reinforcement learning approach that includes a simulation system where policies are incrementally learned and an emulation system that produces statistics that drive the simulation runs.
format Preprint
id arxiv_https___arxiv_org_abs_2204_01126
institution arXiv
publishDate 2022
record_format arxiv
spellingShingle A System for Interactive Examination of Learned Security Policies
Hammar, Kim
Stadler, Rolf
Cryptography and Security
Machine Learning
We present a system for interactive examination of learned security policies. It allows a user to traverse episodes of Markov decision processes in a controlled manner and to track the actions triggered by security policies. Similar to a software debugger, a user can continue or or halt an episode at any time step and inspect parameters and probability distributions of interest. The system enables insight into the structure of a given policy and in the behavior of a policy in edge cases. We demonstrate the system with a network intrusion use case. We examine the evolution of an IT infrastructure's state and the actions prescribed by security policies while an attack occurs. The policies for the demonstration have been obtained through a reinforcement learning approach that includes a simulation system where policies are incrementally learned and an emulation system that produces statistics that drive the simulation runs.
title A System for Interactive Examination of Learned Security Policies
topic Cryptography and Security
Machine Learning
url https://arxiv.org/abs/2204.01126