{"id":13518089,"url":"https://github.com/Limmen/awesome-rl-for-cybersecurity","last_synced_at":"2025-03-31T09:31:08.933Z","repository":{"id":41083986,"uuid":"438261392","full_name":"Limmen/awesome-rl-for-cybersecurity","owner":"Limmen","description":"A curated list of resources dedicated to reinforcement learning applied to cyber security. ","archived":false,"fork":false,"pushed_at":"2024-05-16T06:06:04.000Z","size":8774,"stargazers_count":661,"open_issues_count":2,"forks_count":96,"subscribers_count":26,"default_branch":"master","last_synced_at":"2024-05-19T20:00:52.996Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Limmen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-12-14T13:22:31.000Z","updated_at":"2024-05-29T04:34:27.159Z","dependencies_parsed_at":"2023-10-26T13:49:19.466Z","dependency_job_id":"fbf74948-b710-497c-901d-ef404d2b85a1","html_url":"https://github.com/Limmen/awesome-rl-for-cybersecurity","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Limmen%2Fawesome-rl-for-cybersecurity","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Limmen%2Fawesome-rl-for-cybersecurity/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Limmen%2Fawesome-rl-for-cybersecurity/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Limmen%2Fawesome-rl-for-cybersecurity/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Limmen","download_url":"https://codeload.github.com/Limmen/awesome-rl-for-cybersecurity/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246365641,"owners_count":20765546,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T05:01:40.667Z","updated_at":"2025-03-31T09:31:08.922Z","avatar_url":"https://github.com/Limmen.png","language":null,"funding_links":[],"categories":["Technical","Awesome Repositories","Table of Contents","Unicorn","Other Lists","📘 Valuable Repositories","Here is a collection of hackers, pentesters, security researchers, scripts and more:"],"sub_categories":["awesome-*","TeX Lists"],"readme":"\n\u003ch1 align=\"center\"\u003e Awesome Reinforcement Learning \u003cbr\u003efor Cyber Security \u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"https://awesome.re/badge.svg\"\u003e\n \u003ca href=\"https://github.com/Limmen/awesome-rl-for-cybersecurity\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/Awesome-AwesomeRLForCyber-orange\"\u003e\n \u003c/a\u003e\n \u003ca href=\"https://github.com/Limmen/awesome-rl-for-cybersecurity/stargazers\"\u003e\n \u003cimg src=\"https://img.shields.io/github/stars/Limmen/awesome-rl-for-cybersecurity\"\u003e\n \u003c/a\u003e\n \u003ca href=\"https://github.com/Limmen/awesome-rl-for-cybersecurity/network/members\"\u003e\n \u003cimg src=\"https://img.shields.io/github/forks/Limmen/awesome-rl-for-cybersecurity\"\u003e\n \u003c/a\u003e\n \u003ca href=\"https://github.com/Limmen/awesome-rl-for-cybersecurity\"\u003e\n \u003cimg src=\"https://img.shields.io/github/issues/Limmen/awesome-rl-for-cybersecurity\"\u003e\n \u003c/a\u003e\n\u003ca href=\"https://github.com/Limmen/awesome-rl-for-cybersecurity#contributors-\"\u003e\u003cimg src=\"https://img.shields.io/badge/all_contributors-3-orange.svg\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\nA curated list of resources dedicated to reinforcement learning applied to cyber security.\nNote that the list includes only work that uses reinforcement learning, general machine learning methods applied to cyber security are not included in this list.\n\nFor other related curated lists, see :\n\n* [Awesome Machine Learning for Cyber Security](https://github.com/jivoi/awesome-ml-for-cybersecurity)\n* [Awesome Adversarial Machine Learning](https://github.com/yenchenlin/awesome-adversarial-machine-learning)\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"imgs/network_chess.png\" width=\"50%\", height=\"50%\"\u003e\n\u003c/p\u003e\n\n## Table of Contents\n\n - [RL-Environments](#-environments)\n - [Papers](#-papers)\n - [Books](#-books)\n - [Blogposts](#-blogposts)\n - [Talks](#-talks)\n - [Miscellaneous](#-miscellaneous)\n\n## [↑](#table-of-contents) Environments\n\n### `Cyborg++`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/cyborgplusplus.png' /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/alan-turing-institute/CybORG_plus_plus'\u003eCybORG++: An Enhanced Gym for the Development of Autonomous Cyber Agents\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\nCybORG++ is an advanced toolkit for reinforcement learning research focused on network defence. Building on the CAGE 2 CybORG environment, it introduces key improvements, including enhanced debugging capabilities, refined agent implementation support, and a streamlined environment that enables faster training and easier customization. Along with addressing several software bugs from its predecessor, CybORG++ introduces MiniCAGE, a lightweight version of CAGE 2.\n \u003c/li\u003e\n\t\t \u003cli\u003e\n\t\t Paper: \u003ca href=\"https://arxiv.org/pdf/2410.16324v1\"\u003e(2024) CybORG++: An Enhanced Gym for the Development of Autonomous Cyber Agents\u003c/a\u003e\u003cbr/\u003e\n\t\t \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n\n### `Cybershield`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/cybershield.png' /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://ieeexplore.ieee.org/document/10710208'\u003eCYBERSHIELD: A Competitive Simulation Environment for Training AI in Cybersecurity\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\nCyberShield encompasses a comprehensive environment with multiple computers, each hosting various services with unique vulnerabilities. Within this environment, two opposing agents, defender and attacker, participate in a strategic battle, each equipped with distinct actions aimed at outsmarting the other. CyberShield is optimized for competitive multi-agent training using RL algorithms.\n \u003c/li\u003e\n\t\t \u003cli\u003e\n\t\t Paper: \u003ca href=\"https://ieeexplore.ieee.org/document/10710208\"\u003e(2024) CYBERSHIELD: A Competitive Simulation Environment for Training AI in Cybersecurity\u003c/a\u003e\u003cbr/\u003e\n\t\t \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `Cyberwheel`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/cyberwheel.png' /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/ORNL/cyberwheel'\u003eCyberwheel: A Reinforcement Learning Simulation Environment\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\nCyberwheel is a Reinforcement Learning (RL) simulation environment built for training and evaluating autonomous cyber defense models on simulated networks. It was built with modularity in mind, to allow users to build on top of it to fit their needs, supporting various robust configuration files to build networks, services, host types, defensive agents, and more. Cyberwheel is being developed by Oak Ridge National Lab (ORNL).\n \u003c/li\u003e\n\t\t \u003cli\u003e\n\t\t Paper: \u003ca href=\"https://doi.org/10.1145/3675741.3675752\"\u003e(2024) Towards a High Fidelity Training Environment for Autonomous Cyber Defense Agents\u003c/a\u003e\u003cbr/\u003e\n\t\t \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `Pentesting Training Framework for Reinforcement Learning Agents (PenGym)`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/pengym.png' /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/cyb3rlab/PenGym'\u003ePenGym: Pentesting Training Framework for Reinforcement Learning Agents\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\nPenGym is a framework for creating and managing realistic environments used for the training of Reinforcement Learning (RL) agents for penetration testing purposes. PenGym uses the same API with the Gymnasium fork of the OpenAI Gym library, thus making it possible to employ PenGym with all the RL agents that follow those specifications. PenGym is being developed by Japan Advanced Institute of Science and Technology (JAIST) in collaboration with KDDI Research, Inc.\n \u003c/li\u003e\n\t\t \u003cli\u003e\n\t\t Paper: \u003ca href=\"https://www.jaist.ac.jp/~razvan/publications/pengym_framework_rl_agents.pdf\"\u003e(2024) PenGym: Pentesting Training Framework for Reinforcement Learning Agents\u003c/a\u003e\u003cbr/\u003e\n\t\t \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `The ARCD Primary-level AI Training Environment (PrimAITE)`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/primaite.png' /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/Autonomous-Resilient-Cyber-Defence/PrimAITE'\u003eThe ARCD Primary-level AI Training Environment (PrimAITE)\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n The ARCD Primary-level AI Training Environment (PrimAITE) provides an effective simulation capability for the purposes of training and evaluating AI in a cyber-defensive role.\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `CSLE: The Cyber Security Learning Environment`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/csle_logo_cropped.png' /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/Limmen/csle'\u003eCSLE: The Cyber Security Learning Environment\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n CSLE is a platform for evaluating and developing reinforcement learning agents for control problems in cyber security. It can be considered as a cyber range specifically designed for reinforcement learning agents. Everything from network emulation, to simulation and implementation of network commands have been co-designed to provide an environment where it is possible to train and evaluate reinforcement learning agents on practical problems in cyber security.\n \u003c/li\u003e\n\t\t \u003cli\u003e\n\t\t Paper: \u003ca href=\"https://ieeexplore.ieee.org/document/9779345\"\u003e(2022) Intrusion Prevention Through Optimal Stopping\u003c/a\u003e\u003cbr/\u003e\n\t\t Thesis: \u003ca href=\"https://kth.diva-portal.org/smash/record.jsf?pid=diva2%3A1912164\u0026dswid=7946\"\u003e(2024) Optimal Security Response to Network Intrusions in IT Systems\u003c/a\u003e\u003cbr/\u003e\n\t\t \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `AutoPentest-DRL`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='https://raw.githubusercontent.com/crond-jaist/AutoPentest-DRL/master/Figures/framework_overview.png' /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/crond-jaist/AutoPentest-DRL'\u003eAutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. AutoPentest-DRL can determine the most appropriate attack path for a given logical network, and can also be used to execute a penetration testing attack on a real network via tools such as Nmap and Metasploit. This framework is intended for educational purposes, so that users can study the penetration testing attack mechanisms. AutoPentest-DRL is being developed by the Cyber Range Organization and Design (\u003ca href=\"https://www.jaist.ac.jp/misc/crond/index-en.html\"\u003eCROND\u003c/a\u003e) NEC-endowed chair at the Japan Advanced Institute of Science and Technology (\u003ca href=\"https://www.jaist.ac.jp/english/\"\u003eJAIST\u003c/a\u003e) in Ishikawa,Japan.\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `NASimEmu`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/nasimemu.svg' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/jaromiru/NASimEmu'\u003eNASimEmu\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n NASimEmu is a framework for training deep RL agents in offensive penetration-testing scenarios. It includes both a simulator and an emulator so that a simulation-trained agent can be seamlessly deployed in emulation. Additionally, it includes a random generator that can create scenario instances varying in network configuration and size while fixing certain features, such as exploits and privilege escalations. Furthermore, agents can be trained and tested in multiple scenarios simultaneously.\u003cbr/\u003e\u003cbr/\u003e\n Paper: \u003ca href=\"https://arxiv.org/abs/2305.17246\"\u003e(2023) NASimEmu: Network Attack Simulator \u0026 Emulator for Training Agents Generalizing to Novel Scenarios\u003c/a\u003e\u003cbr/\u003e\n Framework: \u003ca href=\"https://github.com/jaromiru/NASimEmu\"\u003eNASimEmu\u003c/a\u003e\u003cbr/\u003e\n Implemented agents: \u003ca href=\"https://github.com/jaromiru/NASimEmu-agents\"\u003eNASimEmu-agents\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `gym-idsgame`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='gifs/gym_idsgame.gif' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/Limmen/gym-idsgame'\u003egym-idsgame\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n An Abstract Cyber Security Simulation and Markov Game for OpenAI Gym.\n Paper: \u003ca href=\"https://arxiv.org/abs/2009.08120\"\u003e(2020) Finding Effective Security Strategies through Reinforcement Learning and Self-Play\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `CyberBattleSim` (Microsoft)\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/cyberbattlesim_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/microsoft/CyberBattleSim'\u003eCyberBattleSim\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network environment. The simulation provides a high-level abstraction of computer networks and cyber security concepts. Its Python-based Open AI Gym interface allows for the training of automated agents using reinforcement learning algorithms.\n Blogpost: \u003ca href=\"https://www.microsoft.com/security/blog/2021/04/08/gamifying-machine-learning-for-stronger-security-and-ai-models/\"\u003e(2021) Gamifying machine learning for stronger security and AI models\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `gym-malware`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/malware_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/endgameinc/gym-malware'\u003egym-malware\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Malware Env for OpenAI Gym\n Paper: \u003ca href=\"https://arxiv.org/pdf/1801.08917.pdf\"\u003e(2018) Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `malware-rl`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/malware_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/bfilar/malware_rl'\u003emalware-rl\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Extended and Updated `gym_malware` which supports recent LIEF versionS and an enhanced collection of models (EMBER, MalConv and SOREL-20M)\n Paper: \u003ca href=\"https://arxiv.org/pdf/1801.08917.pdf\"\u003e(2018) Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `gym-flipit`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/flipit_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/lisaoakley/gym-flipit'\u003egym-flipit\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Gym environment for FLIPIT: The Game of \"Stealthy Takeover\" invented by Marten van Dijk, Ari Juels, Alina Oprea, and Ronald L. Rivest.\n Paper: \u003ca href=\"https://arxiv.org/abs/1906.11938\"\u003e(2019) QFlip: An Adaptive Reinforcement Learning Strategy for the FlipIt Security Game\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `gym-threat-defense`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/threat_defense_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/hampusramstrom/gym-threat-defense'\u003egym-threat-defense\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Gym environment for the environment described in the paper: \u003ca href=\"https://dl.acm.org/doi/10.1145/2808475.2808482\"\u003e(2019) Optimal Defense Policies for Partially Observable Spreading Processes on Bayesian Attack Graphs\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `gym-nasim`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/nasim_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/Jjschwartz/NetworkAttackSimulator'\u003egym-nasim\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Thesis: \u003ca href=\"https://arxiv.org/pdf/1905.05965.pdf\"\u003e(2018) Autonomous Penetration Testing using Reinforcement Learning\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `gym-optimal-intrusion-response`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/intrusion_response_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/Limmen/gym-optimal-intrusion-response'\u003egym-optimal-intrusion-response\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n An OpenAI Gym interface to a MDP/Markov Game model for optimal intrusion response of a realistic infrastructure simulated using system traces.\n Paper: \u003ca href=\"https://arxiv.org/pdf/2106.07160.pdf\"\u003e(2021) Learning Intrusion Prevention Policies through Optimal Stopping\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `sql_env`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/sql_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/manuel-delverme/sql_env'\u003esql_env\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Paper: \u003ca href=\"https://link.springer.com/chapter/10.1007/978-3-030-91625-1_6\"\u003e(2021) SQL Injections and Reinforcement Learning: An Empirical Evaluation of the Role of Action Structure\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `cage-challenge`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd align='center'\u003e\n \u003cimg src='imgs/cage_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd \u003e\n \u003ca href='https://github.com/cage-challenge/cage-challenge-1'\u003ecage-challenge-1\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n The first Cyber Autonomos Gym for Experimentation (CAGE) challenge environment released at the 1st International Workshop on Adaptive Cyber Defense held as part of the 2021 International Joint Conference on Artificial Intelligence (IJCAI).\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd \u003e\n \u003ca href='https://github.com/cage-challenge/cage-challenge-2'\u003ecage-challenge-2\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n The second Cyber Autonomous Gym for Experimentation (CAGE) challenge environment announced at the AAAI-22 Workshop on Artificial Intelligence for Cyber Security Workshop (AICS).\n\t\t Paper: \u003ca href=\"https://arxiv.org/pdf/2309.07388\"\u003e(2023) On Autonomous Agents in a Cyber Defence Environment\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd \u003e\n \u003ca href='https://github.com/cage-challenge/cage-challenge-3'\u003ecage-challenge-3\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n The third Cyber Autonomous Gym for Experimentation (CAGE) challenge environment.\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003ctr\u003e\n \u003ctd \u003e\n \u003ca href='https://github.com/cage-challenge/cage-challenge-4'\u003ecage-challenge-4\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n The fourth Cyber Autonomous Gym for Experimentation (CAGE) challenge environment.\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `ATMoS`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/atmos.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/ATMoS-Waterloo/ATMoS'\u003eATMoS\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Paper: \u003ca href=\"https://ieeexplore.ieee.org/document/9110426\"\u003e(2020) ATMoS: Autonomous Threat Mitigation in SDN using Reinforcement Learning\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n\n### `MAB-Malware`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/mab_malware.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/weisong-ucr/MAB-malware'\u003eMAB-malware\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Paper: \u003ca href=\"https://arxiv.org/pdf/2003.03100.pdf\"\u003e(2022) MAB-Malware: A Reinforcement Learning Framework for Attacking Static Malware Classifiers\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `ASAP`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/asap.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href=https://github.com/ankur8931/asap\u003eAutonomous Security Analysis and Penetration Testing framework (ASAP)\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Paper: \u003ca href=\"https://ieeexplore.ieee.org/document/9394285\"\u003e(2020) Autonomous Security Analysis and Penetration Testing\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `Yawning Titan`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/yawning_titan_env.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/dstl/YAWNING-TITAN'\u003eYawning Titan\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Yawning Titan is an abstract, highly flexible, cyber security simulator that is capable of simulating a range of cyber security scenarios.\n\nPaper: \u003ca href=\"https://www.researchgate.net/publication/361638424_Developing_Optimal_Causal_Cyber-Defence_Agents_via_Cyber_Security_Simulation\"\u003e(2022) Developing Optimal Causal Cyber-Defence Agents via Cyber Security Simulation\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `Cyborg`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/cyborg.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/cage-challenge/CybORG'\u003eCyborg\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Cyborg is a gym for autonomous cyberg operations research that is driven by the need to efficiently support reinforcement learning to train adversarial decision-making models through simulation and emulation. This is a variation of the environments used by cage-challenge above.\n\nPaper: \u003ca href=\"https://arxiv.org/abs/2108.09118\"\u003e(2021) CybORG: A Gym for the Development of Autonomous Cyber Agents \u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n\n### `FARLAND`\n\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/farland.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n FARLAND (github repository missing)\n \u003cul\u003e\n \u003cli\u003e\n FARLAND is a framework for advanced Reinforcement Learning for autonomous network defense, that uniquely enables the design of network environments to gradually increase the complexity of models, providing a path for autonomous agents to increase their performance from apprentice to superhuman level, in the task of reconfiguring networks to mitigate cyberattacks.\n\nPaper: \u003ca href=\"https://arxiv.org/pdf/2103.07583.pdf\"\u003e(2021) Network Environment Design for Autonomous Cyberdefense \u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `SecureAI`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/secureai.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/ansi-code/secureai-java'\u003eSecureAI\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n SecureAI: Deep Reinforcement Learning for Self-Protection in Non-Stationary Cloud Architectures\n\t\t\tPaper: \u003ca href=\"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9659882\"\u003e(2021) An Intrusion Response Approach for Elastic Applications Based on Reinforcement Learning\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `CYST`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/cyst.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://muni.cz/go/cyst-user'\u003eCYST\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n CYST is a multi-agent discrete-event simulation framework tailored for cybersecurity domain. Its goal is to enable high-throughput and realistic simulation of cybersecurity interactions in arbitrary infrastructures. \u003cbr/\u003e\u003cbr/\u003e\n\t\t\tPaper: \u003ca href=\"https://ieeexplore.ieee.org/abstract/document/9213690\"\u003e(2020) Session-level Adversary Intent-Driven Cyberattack Simulator\u003c/a\u003e\u003c/br\u003e\n Code: \u003ca href=\"https://gitlab.ics.muni.cz/cyst-public/cyst-core/\"\u003eHERE\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `CLAP`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/clap.jpg' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/yyzpiero/RL4RedTeam'\u003eCLAP: Curiosity-Driven Reinforcment Learning Automatic Penetration Testing Agent\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n CLAP is a reinforcement learning PPO agent performs Penetration Testing in simulated computer network environment (we use Network Attack Simulator (NASim)). The agent is trained to scan for vulnerabilities in the network and exploit them to gain access to various network resources. \u003cbr/\u003e\u003cbr/\u003e\n\t\t\tPaper: \u003ca href=\"https://arxiv.org/abs/2202.10630\"\u003e(2022) Behaviour-Diverse Automatic Penetration Testing: A Curiosity-Driven Multi-Objective Deep Reinforcement Learning Approach\u003c/a\u003e\u003c/br\u003e\n Code: \u003ca href=\"https://github.com/yyzpiero/RL4RedTeam\"\u003eHERE\u003c/a\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `CyGIL`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/cygil.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://arxiv.org/abs/2109.03331'\u003eCyGIL: A Cyber Gym for Training Autonomous Agents over Emulated Network Systems\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n CyGIL is an experimental testbed of an emulated RL training environment for network cyber operations. CyGIL uses a stateless environment architecture and incorporates the MITRE ATT\u0026CK framework to establish a high fidelity training environment, while presenting a sufficiently abstracted interface to enable RL training. Its comprehensive action space and flexible game design allow the agent training to focus on particular advanced persistent threat (APT) profiles, and to incorporate a broad range of potential threats and vulnerabilities. By striking a balance between fidelity and simplicity, it aims to leverage state of the art RL algorithms for application to real-world cyber defence. \u003cbr/\u003e\u003cbr/\u003e\n\t\t\tPaper: \u003ca href=\"https://arxiv.org/abs/2109.03331\"\u003e(2021) CyGIL: A Cyber Gym for Training Autonomous Agents over Emulated Network Systems \u003c/a\u003e\u003c/br\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `BRAWL`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/brawl.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://github.com/mitre/brawl-public-game-001'\u003eBRAWL\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n BRAWL seeks to create a compromise by creating a system to automatically create an enterprise network inside a cloud environment. OpenStack is the only currently supported environment, but it is being designed in such a way as to easily support other cloud environments in the future.\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `DETERLAB`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/deter.jpeg' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://ieeexplore.ieee.org/document/5655108'\u003eDeterLab: Cyber-Defense Technology Experimental Research Laboratory\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n Since 2004, the DETER Cybersecurity Testbed Project has worked to create the necessary infrastructure - facilities, tools, and processes-to provide a national resource for experimentation in cyber security. The next generation of DETER envisions several conceptual advances in testbed design and experimental research methodology, targeting improved experimental validity, enhanced usability, and increased size, complexity, and diversity of experiments. \u003cbr/\u003e\u003cbr/\u003e\n\t\t\tPaper: \u003ca href=\"https://ieeexplore.ieee.org/document/5655108\"\u003e(2010) The DETER project: Advancing the science of cyber security experimentation and test \u003c/a\u003e\u003c/br\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `EmuLab`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/emulab.png width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href='https://www.usenix.org/legacy/event/usenix08/tech/full_papers/hibler/hibler.pdf\u003eEmuLab: Large-scale Virtualization in the Emulab Network Testbed\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\nThe Emulab software is the management system for a network-rich PC cluster that provides a space- and timeshared public facility for studying networked and distributed systems. \u003cbr/\u003e\u003cbr/\u003e\n\t\t\tPaper: \u003ca href=\"https://www.usenix.org/legacy/event/usenix08/tech/full_papers/hibler/hibler.pdf\"\u003e(2008) EmuLab: Large-scale Virtualization in the Emulab Network Testbed \u003c/a\u003e\u003c/br\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `Mininet`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/emulab.svg' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href=https://ieeexplore.ieee.org/document/7311238\u003eMininet creates a realistic virtual network, running real kernel, switch and application code, on a single machine (VM, cloud or native), in seconds, with a single command.\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n\t\t\tPaper: \u003ca href=\"https://ieeexplore.ieee.org/document/7311238\"\u003e(2015) Emulation of Software Defined Networks Using Mininet in Different Simulation Environments \u003c/a\u003e\u003c/br\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `Vine`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/vine.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href=https://dl.acm.org/doi/10.1145/2808475.2808486\u003eVINE: A Cyber Emulation Environment for MTD Experimentation\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n\t\t\tPaper: \u003ca href=\"https://dl.acm.org/doi/10.1145/2808475.2808486\"\u003e(2015) VINE: A Cyber Emulation Environment for MTD Experimentation\u003c/a\u003e\u003c/br\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `CRATE`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/crate.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href=https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9229649\u0026casa_token=b3Vk13dXj_sAAAAA:zrB-U_pA50aq7IMzcdy6qy9YNjFsuccAtpujDmDvJnNq9iCc7aqQNoeKsjC_AddSIgYt-MUkk3A6\u003eCRATE Exercise Control – A cyber defense exercise management and support\ntool\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n\t\t\tPaper: \u003ca href=\"https://dl.acm.org/doi/10.1145/2808475.2808486\"\u003e(2020) CRATE Exercise Control – A cyber defense exercise management and support\u003c/a\u003e\u003c/br\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n### `GALAXY`\n\u003ctable\u003e\n \u003ctbody\u003e\n \u003ctr\u003e\n \u003ctd width='50%' align='center'\u003e\n \u003cimg src='imgs/galaxy.png' width=300 /\u003e\n \u003c/td\u003e\n \u003ctd width='50%'\u003e\n \u003ca href=https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9229649\u0026casa_token=b3Vk13dXj_sAAAAA:zrB-U_pA50aq7IMzcdy6qy9YNjFsuccAtpujDmDvJnNq9iCc7aqQNoeKsjC_AddSIgYt-MUkk3A6\u003eGalaxy: A Network Emulation Framework for Cybersecurity\ntool\u003c/a\u003e\n \u003cul\u003e\n \u003cli\u003e\n\t\t\tPaper: \u003ca href=\"https://www.usenix.org/system/files/conference/cset18/cset18-paper-schoonover.pdf\"\u003e(2018) Galaxy: A Network Emulation Framework for Cybersecurity\n\u003c/a\u003e\u003c/br\u003e\n \u003c/li\u003e\n \u003c/ul\u003e\n \u003c/td\u003e\n \u003c/tr\u003e\n \u003c/tbody\u003e\n\u003c/table\u003e\n\n## [↑](#table-of-contents) Papers\n\n### Surveys\n* [(2024) A Survey for Deep Reinforcement Learning Based Network Intrusion Detection](https://arxiv.org/abs/2410.07612)\n* [(2024) The Path to Autonomous Cyber Defense](https://arxiv.org/pdf/2404.10788.pdf)\n* [(2023) A Review of Techniques and Policies on Cybersecurity Using Artificial Intelligence and Reinforcement Learning Algorithms](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10260699)\n* [(2023) Automated Cyber Defence: A Review](https://arxiv.org/pdf/2303.04926.pdf)\n* [(2022) The Confluence of Networks, Games, and Learning a Game-Theoretic Framework for Multiagent Decision Making Over Networks](https://arxiv.org/abs/2105.08158)\n* [(2022) Cyber-security and reinforcement learning — A brief survey](https://www.sciencedirect.com/science/article/pii/S0952197622002512)\n* [(2022) Blockchain and Federated Deep Reinforcement Learning Based Secure Cloud-Edge-End Collaboration in Power IoT](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9801730)\n* [(2022) Deep Reinforcement Learning for Cybersecurity Threat Detection and Protection: A Review](https://arxiv.org/pdf/2206.02733.pdf)\n* [(2022) Research and Challenges of Reinforcement Learning in Cyber Defense Decision-Making for Intranet Security](https://www.mdpi.com/1999-4893/15/4/134)\n* [(2021) Reinforcement Learning for Feedback-Enabled Cyber Resilience](https://arxiv.org/pdf/2107.00783.pdf)\n* [(2021) Prospective Artificial Intelligence Approaches for Active Cyber Defence](https://arxiv.org/pdf/2104.09981.pdf)\n* [(2019) Deep Reinforcement Learning for Cyber Security](https://arxiv.org/abs/1906.05799)\n\n### Demonstration papers\n* [(2023) The Cyber Security Learning Environment (CSLE) v.0.2.0 Demo](https://www.youtube.com/watch?v=iE2KPmtIs2A)\n* [(2022) A System for Interactive Examination of Learned Security Policies](https://ieeexplore.ieee.org/document/9789707) [**(VIDEO)**](https://www.youtube.com/watch?v=18P7MjPKNDg)\n\n### Position papers\n* [(2025) The Path to Autonomous Cyberdefense](https://ieeexplore.ieee.org/document/10612251)\n* [(2023) Autonomous Cyber Defence: A roadmap from lab to ops](https://cetas.turing.ac.uk/sites/default/files/2023-06/autonomous_cyber_defence_final_report.pdf)\n* [(2022) The Mathematics of Cyber Defense](https://www.ams.org/journals/notices/202206/rnoti-p1019.pdf)\n\n### Regular Papers\n* [(2025) Less is more? Rewards in RL for Cyber Defence](https://arxiv.org/abs/2503.03245)\n* [(2024) Intrusion Response System for In-Vehicle Networks: Uncertainty-Aware Deep Reinforcement Learning-based Approach](https://ieeexplore.ieee.org/abstract/document/10773966)\n* [(2024) Towards Generalizable Autonomous Penetration Testing via Domain Randomization and Meta-Reinforcement Learning](https://arxiv.org/pdf/2412.04078)\n* [(2024) Inherently Interpretable and Uncertainty-aware Models for Online Learning in Cyber-Security Problems](https://arxiv.org/pdf/2411.09393)\n* [(2024) Advancing the Automation Capability of Verifying Security Protocols](https://ieeexplore.ieee.org/document/10443063)\n* [(2024) Meta Stackelberg Game: Robust Federated Learning against Adaptive and Mixed Poisoning Attacks](https://arxiv.org/pdf/2410.17431)\n* [(2024) Intrusion Tolerance as a Two-Level Game](https://link.springer.com/chapter/10.1007/978-3-031-74835-6_1)\n* [(2024) Entity-based Reinforcement Learning for Autonomous Cyber Defence](https://arxiv.org/pdf/2410.17647)\n* [(2024) Hierarchical Multi-agent Reinforcement Learning for Cyber Network Defense](https://arxiv.org/pdf/2410.17351)\n* [(2024) Multi-Agent Actor-Critics in Autonomous Cyber Defense](https://arxiv.org/pdf/2410.09134)\n* [(2024) Penetration Test Path Discovery Based on NHSC-PPO](https://dl.acm.org/doi/10.1145/3650400.3650693)\n* [(2024) Employing Deep Reinforcement Learning to Cyber-Attack Simulation for Enhancing Cybersecurity](https://www.mdpi.com/2079-9292/13/3/555)\n* [(2024) Training Environments for Reinforcement Learning Cybersecurity Agents](https://ieeexplore.ieee.org/abstract/document/10690552)\n* [(2024) Network defense decision-making based on deep reinforcement learning and dynamic game theory](https://ieeexplore.ieee.org/abstract/document/10700942)\n* [(2024) Action Robust Reinforcement Learning for Air Mobility Deconfliction Against Conflict Induced Spoofing](https://ieeexplore.ieee.org/abstract/document/10682497)\n* [(2024) Causally aware reinforcement learning agents for autonomous cyber defence](https://www.sciencedirect.com/science/article/pii/S0950705124011559)\n* [(2024) Reinforcement Learning for Autonomous Resilient Cyber Defence](https://i.blackhat.com/BH-US-24/Presentations/US-24-MilesFarmer-ReinforcementLearningForAutonomousResilientCyberDefence-wp.pdf)\n* [(2024) Dynamic Fraud Detection: Integrating Reinforcement Learning into Graph Neural Networks](https://arxiv.org/pdf/2409.09892)\n* [(2024) Towards Autonomous Network Defense: Reinforcement Learning Environment for a Defense Agent](https://ieeexplore.ieee.org/abstract/document/10667139)\n* [(2024) Detection of Man in the Middle Attacks in Model-Free Reinforcement Learning for the Linear Quadratic Regulator](https://ieeexplore.ieee.org/abstract/document/10644963)\n* [(2024) Optimization of mitigation deployment using deep reinforcement learning over an enhanced ATT \u0026CK](https://link.springer.com/article/10.1007/s00607-024-01344-4)\n* [(2024) Anti-Jamming Attack Mixed Strategy for Formation Tracking Control via Game-Theoretical Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/10660492)\n* [(2024) A survey on security of UAV and deep reinforcement learning](https://www.sciencedirect.com/science/article/pii/S1570870524002531)\n* [(2024) Enhancing Underwater IoT Security: A Collaborative Pursuit Strategy Using Multi-Agent Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/10644013)\n* [(2024) Risk-Aware Federated Reinforcement Learning-Based Secure IoV Communications](https://www.computer.org/csdl/journal/tm/5555/01/10643312/1ZAxmYkGmOs)\n* [(2024) Deep Reinforcement Learning-Based Moving Target Defense for Multicast in Software-Defined Satellite Networks](https://ieeexplore.ieee.org/abstract/document/10622302)\n* [(2024) Finding the Optimal Security Policies for Autonomous Cyber Operations with Competitive Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=10639381)\n* [(2024) An Intelligent Reinforcement Learning–Based Method for Threat Detection in Mobile Edge Networks](https://onlinelibrary.wiley.com/doi/abs/10.1002/nem.2294)\n* [(2024) Towards a High Fidelity Training Environment for Autonomous Cyber Defense Agents](https://doi.org/10.1145/3675741.3675752)\n* [(2024) Reinforcement Learning for an Efficient and Effective Malware Investigation during Cyber Incident Response](https://arxiv.org/pdf/2408.01999)\n* [(2024) Leveraging Deep Reinforcement Learning for Cyber-Attack Paths Prediction: Formulation, Generalization, and Evaluation](https://hal.science/hal-04662428/document)\n* [(2024) Efficient Penetration Testing Path Planning Based on Reinforcement Learning with Episodic Memory](https://cdn.techscience.cn/files/CMES/2024/TSP_CMES-140-3/TSP_CMES_28553/TSP_CMES_28553.pdf)\n* [(2024) How to Train your Antivirus: RL-based Hardening through the Problem Space](https://kclpure.kcl.ac.uk/ws/portalfiles/portal/278114787/AutoRobust_RAID_Accepted.pdf)\n* [(2024) Multi-agent Reinforcement Learning for Cybersecurity: Approaches and Challenges](https://ceur-ws.org/Vol-3735/paper_09.pdf)\n* [(2024) Evaluation of Reinforcement Learning for Autonomous Penetration Testing using A3C, Q-learning and DQN](https://arxiv.org/pdf/2407.15656)\n* [(2024) Otimizing Cyber Defense in Dynamic Active Directories through Reinforcement Learning](https://arxiv.org/pdf/2406.19596)\n* [(2024) Safe Multi-Agent Reinforcement Learning for Wireless Applications Against Adversarial Communications](https://ieeexplore.ieee.org/abstract/document/10584557)\n* [(2024) Autonomous network defense in cloud data center environments based on reinforcement learning](https://www.spiedigitallibrary.org/conference-proceedings-of-spie/13185/131850H/Autonomous-network-defense-in-cloud-data-center-environments-based-on/10.1117/12.3032677.full)\n* [(2024) DDoS Mitigation while Preserving QoS: A Deep Reinforcement Learning-Based Approach](https://ieeexplore.ieee.org/abstract/document/10588889)\n* [(2024) Optimal Defender Strategies for CAGE-2 using Causal Modeling and Tree Search](https://arxiv.org/abs/2407.11070)\n* [(2024) Structural Generalization in Autonomous Cyber Incident Response with Message-Passing Neural Networks and Reinforcement Learning](https://arxiv.org/pdf/2407.05775v1)\n* [(2024) Deep Reinforcement Learning Based Self-Evolving Moving Target Defense Approach Against Unknown Attacks](https://ieeexplore.ieee.org/abstract/document/10586877)\n* [(2024) Attention-Enhanced Multi-Agent Reinforcement Learning Against Observation Perturbations for Distributed Volt-VAR Control](https://ieeexplore.ieee.org/abstract/document/10587051)\n* [(2024) CyberRL: Brain-Inspired Reinforcement Learning for Efficient Network Intrusion Detection](https://ieeexplore.ieee.org/abstract/document/10579883)\n* [(2024) Leveraging Reinforcement Learning in Red Teaming for Advanced Ransomware Attack Simulations](https://arxiv.org/pdf/2406.17576)\n* [(2024) Deep Reinforcement Learning for Adaptive Cyber Defense in Network Security](https://dl.acm.org/doi/abs/10.1145/3660853.3660930)\n* [(2024) AI for AI-based intrusion detection as a service: Reinforcement learning to configure models, tasks, and capacities](https://www.sciencedirect.com/science/article/pii/S1084804524001139)\n* [(2024) DeepIDPS: An Adaptive DRL-based Intrusion Detection and Prevention System for SDN](https://cis.temple.edu/~jiewu/research/publications/Publication_files/ICC2024.pdf)\n* [(2024) Attacker Hunting in the Intranet using Multi-agent Reinforcement Learning ](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10545725)\n* [(2024) A Novel Two Step Computer Network Attack and Defense Strategy](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10544975)\n* [(2024) AdaRisk: Risk-adaptive Deep Reinforcement Learning for Vulnerable Nodes Detection](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10549866)\n* [(2024) Design of an Autonomous Cyber Defence Agent using Hybrid AI models](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10540988)\n* [(2024) Reinforcement Learning Approach for IoT Security using CyberBattleSim: A Simulation-based Study](https://ieeexplore.ieee.org/abstract/document/10541295)\n* [(2024) Knowledge-Informed Auto-Penetration Testing Based on Reinforcement Learning with Reward Machine](https://arxiv.org/pdf/2405.15908)\n* [(2024) Evolving malware detection through instant dynamic graph inverse reinforcement learning](https://www.sciencedirect.com/science/article/pii/S0950705124006257)\n* [(2024) Evolving malware detection through instant dynamic graph inverse reinforcement learning](https://www.sciencedirect.com/science/article/pii/S0950705124006257)\n* [(2024) Intelligent Prevention of DDoS Attacks using Reinforcement Learning and Smart](https://journals.flvc.org/FLAIRS/article/view/135349)\n* [(2024) Application Study on the Reinforcement Learning Strategies in the Network Awareness Risk Perception and Prevention](https://link.springer.com/article/10.1007/s44196-024-00492-x)\n* [(2024) Reinforcement learning-based autonomous attacker to uncover computer network vulnerabilities](https://link.springer.com/article/10.1007/s00521-024-09668-0)\n* [(2024) Trustworthy autonomous driving via defense-aware robust reinforcement learning against worst-case observational perturbations](https://www.sciencedirect.com/science/article/pii/S0968090X24001530)\n* [(2024) DRL²FC: An Attack-Resilient Controller for Automatic Generation Control Based on Deep Reinforcement Learning](https://arxiv.org/pdf/2404.16974)\n* [(2024) Interpretable Cross-Layer Intrusion Response System Based on Deep Reinforcement Learning for Industrial Control Systems](https://ieeexplore.ieee.org/abstract/document/10508089)\n* [(2024) A method of network attack-defense game and collaborative defense decision-making based on hierarchical multi-agent reinforcement learning](https://www.sciencedirect.com/science/article/pii/S016740482400172X)\n* [(2024) Leveraging Deep Reinforcement Learning Technique for Intrusion Detection in SCADA Infrastructure](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=10504835)\n* [(2024) Off-Policy Actor-Critic Deep Reinforcement Learning methods for alert prioritization in Intrusion Detection Systems](https://www.sciencedirect.com/science/article/pii/S016740482400155X)\n* [(2024) Security Assessment of Industrial Control System Applying Reinforcement Learning](https://www.mdpi.com/2227-9717/12/4/801)\n* [(2024) Foundations of Cyber Resilience: The Confluence of Game, Control, and Learning Theories](https://arxiv.org/pdf/2404.01205.pdf)\n* [(2024) Intrusion Tolerance for Networked Systems through Two-Level Feedback Control](https://arxiv.org/abs/2404.01741)\n* [(2024) Optimal Attack Path Planning based on Reinforcement Learning and Cyber Threat Knowledge Graph Combining the ATT\u0026CK for Air Traffic Management System ](https://ieeexplore.ieee.org/abstract/document/10473161)\n* [(2024) Comparative DQN-Improved Algorithms for Stochastic Games-based Automated Edge Intelligence-enabled IoT Malware Spread-Suppression Strategies](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10478522)\n* [(2024) Deep Reinforcement Learning Approach for Cyberattack Detection](https://online-journals.org/index.php/i-joe/article/view/48229)\n* [(2024) WENDIGO: Deep Reinforcement Learning for Denial-of-Service Query Discovery in GraphQL](https://kclpure.kcl.ac.uk/ws/portalfiles/portal/251249221/Wendigo.pdf)\n* [(2024) Security Enhancement for Deep Reinforcement Learning-Based Strategy in Energy-Efficient Wireless Sensor Networks](https://www.mdpi.com/1424-8220/24/6/1993)\n* [(2024) Symbiotic Game and Foundation Models for Cyber Deception Operations in Strategic Cyber Warfare](https://arxiv.org/pdf/2403.10570.pdf)\n* [(2024) Mirage: cyber deception against autonomous cyber attacks in emulation and simulation](https://link.springer.com/article/10.1007/s12243-024-01018-4)\n* [(2024) PenGym: Pentesting Training Framework for Reinforcement Learning Agents](https://www.jaist.ac.jp/~razvan/publications/pengym_framework_rl_agents.pdf)\n* [(2024) How to Train your Antivirus: RL-based Hardening through the Problem-Space](https://arxiv.org/pdf/2402.19027.pdf)\n* [(2024) Conjectural Online Learning with First-order Beliefs in Asymmetric Information Stochastic Games](https://arxiv.org/abs/2402.18781)\n* [(2024) Commissioning Federated Reinforcement Learning to Envision Network Security Strategies](https://ieeexplore.ieee.org/document/10440912)\n* [(2024) Transforming Cybersecurity Dynamics: Enhanced Self-Play Reinforcement Learning in Intrusion Detection and Prevention System](https://www.researchgate.net/publication/378288610_Transforming_Cybersecurity_Dynamics_Enhanced_Self-Play_Reinforcement_Learning_in_Intrusion_Detection_and_Prevention_System)\n* [(2024) Automated Security Response through Online Learning with Adaptive Conjectures](https://arxiv.org/abs/2402.12499)\n* [(2024) IoTWarden: A Deep Reinforcement Learning Based Real-time Defense System to Mitigate Trigger-action IoT Attacks](https://arxiv.org/pdf/2401.08141.pdf)\n* [(2024) Discovering Command and Control (C2) Channels on Tor and Public Networks Using Reinforcement Learning](https://arxiv.org/pdf/2402.09200.pdf)\n* [(2024) Deep Reinforcement Learning for Autonomous Cyber Operations: A Survey](https://arxiv.org/abs/2310.07745)\n* [(2024) Reinforcement learning meets network intrusion detection: a transferable and adaptable framework for anomaly behavior identification](https://ieeexplore.ieee.org/abstract/document/10399344)\n* [(2024) Use of Graph Neural Networks in Aiding Defensive Cyber Operations](https://arxiv.org/pdf/2401.05680.pdf)\n* [(2024) LLM-Powered Code Vulnerability Repair with Reinforcement Learning and Semantic Reward](https://arxiv.org/pdf/2401.03374.pdf)\n* [(2024) Squashing Resource Exhaustion Bugs with Black-box Fuzzing and Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10381445)\n* [(2024) Enhancing Road Safety and Cybersecurity in Traffic Management Systems: Leveraging the Potential of Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=10381696)\n* [(2023) Multi-Agent Reinforcement Learning for Maritime Operational Technology Cyber Security](https://arxiv.org/abs/2401.10149)\n* [(2023) CO-DECYBER: Co-operative Decision Making for Cybersecurity using Deep Multi-agent Reinforcement Learning](https://www.researchgate.net/publication/374373412_CO-DECYBER_Co-operative_Decision_Making_for_Cybersecurity_using_Deep_Multi-agent_Reinforcement_Learning?_tp=eyJjb250ZXh0Ijp7ImZpcnN0UGFnZSI6InByb2ZpbGUiLCJwYWdlIjoicHJvZmlsZSJ9fQ)\n* [(2023) Optimal Deception Asset Deployment in Cybersecurity: A Nash Q-Learning Approach in Multi-Agent Stochastic Games](https://www.mdpi.com/2076-3417/14/1/357)\n* [(2023) Adaptive Deep Reinforcement Learning Algorithm for Distribution System Cyber Attack Defense with High Penetration of DERs](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10368040)\n* [(2023) WebGuardRL: An Innovative Reinforcement Learning-based Approach for Advanced Web Attack Detection](https://dl.acm.org/doi/abs/10.1145/3628797.3628982)\n* [(2023) PSP-Mal: Evading Malware Detection via Prioritized Experience-based Reinforcement Learning with Shapley Prior](https://dl.acm.org/doi/abs/10.1145/3627106.3627178)\n* [(2023) Canaries and Whistles: Resilient Drone Communication Networks with (or without) Deep Reinforcement Learning](https://dl.acm.org/doi/abs/10.1145/3605764.3623986)\n* [(2023) Effective defense strategies in network security using improved double dueling deep Q-network](https://www.sciencedirect.com/science/article/pii/S0167404823004881)\n* [(2023) Autonomous Cyber Defense Against Dynamic Multi-strategy Infrastructural DDoS Attacks](https://ieeexplore.ieee.org/abstract/document/10288937)\n* [(2023) Distributed Web Hacking by Adaptive Consensus-based Reinforcement Learning](https://www.sciencedirect.com/science/article/pii/S0004370223001789)\n* [(2023) Reward Shaping for Happier Autonomous Cyber Security Agents](https://arxiv.org/pdf/2310.13565.pdf)\n* [(2023) MalBoT-DRL: Malware Botnet Detection using Deep Reinforcement Learning in IoT Networks](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=10283893)\n* [(2023) Raiju: Reinforcement Learning-Guided Post-Exploitation for Automating Security Assessment of Network Systems](https://arxiv.org/pdf/2309.15518.pdf)\n* [(2023) Security defense strategy algorithm for Internet of Things based on deep reinforcement learning](https://www.sciencedirect.com/science/article/pii/S266729522300065X?via%3Dihub)\n* [(2023) Enhancing Exfiltration Path Analysis Using Reinforcement Learning](https://arxiv.org/pdf/2310.03667.pdf)\n* [(2023) Automated Penetration Testing with Fine-Grained Control through Deep Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10272349\u0026tag=1)\n* [(2023) Security Awareness in Smart Homes and Internet of Things Networks through Swarm-Based Cybersecurity Penetration Testing](https://www.mdpi.com/2078-2489/14/10/536)\n* [(2023) A Soft Actor-Critic Reinforcement Learning Algorithm for Network Intrusion Detection](https://www.sciencedirect.com/science/article/pii/S0167404823004121)\n* [(2023) Network Intrusion detectionsystem using reinforcement learning techniques](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10245608)\n* [(2023) PENTESTGPT: An LLM-empowered Automatic Penetration Testing Tool](https://arxiv.org/pdf/2308.06782.pdf)\n* [(2023) On Autonomous Agents in a Cyber Defence Environment](https://arxiv.org/pdf/2309.07388.pdf)\n* [(2023) EPPTA: Efficient Partially Observable Reinforcement Learning Agent for Penetration testing Applications](https://d197for5662m48.cloudfront.net/documents/publicationstatus/147896/preprint_pdf/b159e549387e455fd76cdb936f0a8b33.pdf)\n* [(2023) How to Disturb Network Reconnaissance: A Moving Target Defense Approach based on Deep Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10247015)\n* [(2023) Scalable Learning of Intrusion Responses through Recursive Decomposition](https://arxiv.org/abs/2309.03292)\n* [(2023) Deep Reinforcement Learning for Intrusion Detection in Internet of Things: Best practices, lessons learnt, and open challenges.](https://www.sciencedirect.com/science/article/pii/S1389128623004619)\n* [(2023) An Automated Intrusion Detection and Prevention Model for Enhanced Network Security and Threat Assessment](https://www.ijcna.org/Manuscripts/IJCNA-2023-O-42.pdf)\n* [(2023) Flipit Game Deception Strategy Selection Method Based on Deep Reinforcement Learning](https://downloads.hindawi.com/journals/ijis/2023/5560416.pdf)\n* [(2023) Intelligent Security Aware Routing: Using Model-Free Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/10230195)\n* [(2023) When Moving Target Defense Meets Attack Prediction in Digital Twins: A Convolutional and Hierarchical Reinforcement Learning Approach](https://ieeexplore.ieee.org/abstract/document/10234402)\n* [(2023) Out of the Cage: How Stochastic Parrots Win in Cyber Security Environments](https://arxiv.org/pdf/2308.12086.pdf)\n* [(2023) Deep Reinforcement Learning for Intelligent Penetration Testing Path Design](https://www.mdpi.com/2076-3417/13/16/9467)\n* [(2023) Social Engineering Attack-Defense Strategies Based on Reinforcement Learning](https://www.techscience.com/csse/v47n2/53636/html)\n* [(2023) Real-Time Defensive Strategy Selection via Deep Reinforcement Learning](https://dl.acm.org/doi/abs/10.1145/3600160.3600176)\n* [(2023) CyberForce: A Federated Reinforcement Learning Framework for Malware Mitigation](https://arxiv.org/pdf/2308.05978.pdf)\n* [(2023) Simulating all archetypes of SQL injection vulnerability exploitation using reinforcement learning agents](https://link.springer.com/article/10.1007/s10207-023-00738-3)\n* [(2023) Research on active defense decision-making method for cloud boundary networks based on reinforcement learning of intelligent agent](https://www.sciencedirect.com/science/article/pii/S2667295223000430?via%3Dihub)\n* [(2023) Adversarial Deep Reinforcement Learning for Cyber Security in Software Defined Networks](https://arxiv.org/pdf/2308.04909.pdf)\n* [(2023) Using POMDP-based Approach to Address Uncertainty-Aware Adaptation for Self-Protecting Software](https://arxiv.org/pdf/2308.02134.pdf)\n* [(2023) EIReLaND: Evaluating and Interpreting Reinforcement-Learning-based Network Defenses](https://www.csl.sri.com/users/gehani/papers/ACD-2023.EIReLaND.pdf)\n* [(2023) SDN/NFV-based framework for autonomous defense against slow-rate DDoS attacks by using reinforcement learning](https://www.sciencedirect.com/science/article/pii/S0167739X23003047)\n* [(2023) Whole Campaign Emulation with Reinforcement Learning for Cyber Test](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10208253)\n* [(2023) Neuroevolution for Autonomous Cyber Defense](https://dl.acm.org/doi/pdf/10.1145/3583133.3590596)\n* [(2023) Reinforcement Learning-Based Attack Graph Analysis for Wastewater Treatment Plant](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10192325)\n* [(2023) QL vs. SARSA: Performance Evaluation for Intrusion Prevention Systems in Software-Defined IoT Networks](https://ieeexplore.ieee.org/abstract/document/10183144)\n* [(2023) TSGS: Two-stage security game solution based on deep reinforcement learning for Internet of Things](https://www.sciencedirect.com/science/article/pii/S0957417423014677)\n* [(2023) Security-aware Resource Allocation Scheme Based on DRL in Cloud-Edge-Terminal Cooperative Vehicular Network](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10176313)\n* [(2023) Network Intrusion Detection System using Reinforcement learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10170630)\n* [(2023) Unified Emulation-Simulation Training Environment for Autonomous Cyber Agents](https://arxiv.org/pdf/2304.01244.pdf)\n* [(2023) Learning Near-Optimal Intrusion Responses Against Dynamic Attackers](https://ieeexplore.ieee.org/document/10175554)\n* [(2023) A Curriculum Framework for Autonomous Network Defense using Multi-agent Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/10165310)\n* [(2023) Enhancing Situation Awareness in Beyond Visual Range Air Combat with Reinforcement Learning-based Decision Support](https://ieeexplore.ieee.org/abstract/document/10156497)\n* [(2023) A Reinforcement Learning Approach to Undetectable Attacks against Automatic Generation Control](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=10159364)\n* [(2023) Digital Twins for Security Automation](https://ieeexplore.ieee.org/abstract/document/10154288)\n* [(2023) Inroads into Autonomous Network Defence using Explained Reinforcement Learning](https://arxiv.org/pdf/2306.09318v1.pdf)\n* [(2023) Automated Adversary-in-the-Loop Cyber-Physical Defense Planning](https://dl.acm.org/doi/pdf/10.1145/3596222)\n* [(2023) RLAuth: A Risk-based Authentication System using Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10151855)\n* [(2023) SQIRL: Grey-Box Detection of SQL Injection Vulnerabilities Using Reinforcement Learning](http://www.doc.ic.ac.uk/~maffeis/papers/usenix23.pdf)\n* [(2023) Dual Reinforcement Learning based Attack Path Prediction for 5G Industrial Cyber-Physical Systems](https://ieeexplore.ieee.org/abstract/document/10149069)\n* [(2023) Detecting State of Charge False Reporting Attacks via Reinforcement Learning Approach](https://ieeexplore.ieee.org/abstract/document/10149139)\n* [(2023) Learning to Defend by Attacking (and Vice-Versa): Transfer of Learning in Cybersecurity Games](https://arxiv.org/pdf/2306.02165.pdf)\n* [(2023) NASimEmu: Network Attack Simulator \u0026 Emulator for Training Agents Generalizing to Novel Scenarios](https://arxiv.org/abs/2305.17246)\n* [(2023) A Collaborative Stealthy DDoS Detection Method based on Reinforcement Learning at the Edge of the Internet of Things](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10133833)\n* [(2023) An Intelligent SDWN Routing Algorithm Based on Network Situational Awareness and Deep Reinforcement Learning](https://arxiv.org/pdf/2305.10441.pdf)\n* [(2023) Trojan Playground: A Reinforcement Learning Framework for Hardware Trojan Insertion and Detection](https://arxiv.org/pdf/2305.09592.pdf)\n* [(2023) Decentralized Anomaly Detection in Cooperative Multi-Agent Reinforcement Learning](https://people.kth.se/~gyuri/Pub/KazariSD-DistributedDetectionMARL-IJCAI23.pdf)\n* [(2023) Evolved Prevention Strategies for 6G Networks through Stochastic Games and Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10115274)\n* [(2023) Cyber Attack Detection Using Bellman Optimality Equation in Reinforcement Learning](https://www.atlantis-press.com/article/125986296.pdf)\n* [(2023) Greybox Penetration Testing on Cloud Access Control with IAM Modeling and Deep Reinforcement Learning](https://arxiv.org/pdf/2304.14540.pdf)\n* [(2023) A Multiagent CyberBattleSim for RL Cyber Operation Agents](https://arxiv.org/pdf/2304.11052.pdf)\n* [(2023) Reinforcement Learning Solution for Cyber-Physical Systems Security Against Replay Attacks](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10105656)\n* [(2023) AIRS: Explanation for Deep Reinforcement Learning based Security Applications](https://www.usenix.org/system/files/sec23fall-prepub-36-yu-jiahao.pdf)\n* [(2023) SSQLi: A Black-Box Adversarial Attack Method for SQL Injection Based on Reinforcement Learning](https://www.mdpi.com/1999-5903/15/4/133)\n* [(2023) On the use of Reinforcement Learning for Attacking and Defending Load Frequency Control](https://arxiv.org/pdf/2303.15736.pdf)\n* [(2023) An Optimal Active Defensive Security Framework for the Container-Based Cloud with Deep Reinforcement Learning](https://www.mdpi.com/2079-9292/12/7/1598)\n* [(2023) AutoCAT: Reinforcement Learning for Automated Exploration of Cache-Timing Attacks](https://hsienhsinlee.github.io/MARS/pub/hpca2023.pdf)\n* [(2023) Applying Reinforcement Learning for Enhanced Cybersecurity against Adversarial Simulation](https://www.mdpi.com/1424-8220/23/6/3000)\n* [(2023) Offline RL+CKG: A hybrid AI model for cybersecurity tasks](https://ebiquity.umbc.edu/_file_directory_/papers/1180.pdf)\n* [(2023) Learning automated defense strategies using graph-based cyber attack simulations](https://www.ndss-symposium.org/wp-content/uploads/2023/09/wosoc2023-23006-paper.pdf)\n* [(2023) Cyber Automated Network Resilience Defensive Approach against Malware Images](https://ieeexplore.ieee.org/abstract/document/10043078)\n* [(2023) Energy scheduling for DoS attack over multi-hop networks: Deep reinforcement learning approach](https://www.sciencedirect.com/science/article/pii/S0893608023000916)\n* [(2023) Cybersecurity as a Tic-Tac-Toe Game Using Autonomous Forwards (Attacking) And Backwards (Defending) Penetration Testing in a Cyber Adversarial Artificial Intelligence System](https://ieeexplore.ieee.org/document/10034922)\n* [(2023) Deep Reinforcement Learning for Cyber System Defense under Dynamic Adversarial Uncertainties](https://arxiv.org/pdf/2302.01595.pdf)\n* [(2023) Catch Me If You Can: Improving Adversaries in Cyber-Security With Q-Learning Algorithms](https://www.researchgate.net/publication/368330555_Catch_Me_If_You_Can_Improving_Adversaries_in_Cyber-Security_With_Q-Learning_Algorithms/references)\n* [(2023) Security Analysis of Cyber-Physical Systems Using Reinforcement Learning](https://www.mdpi.com/1424-8220/23/3/1634)\n* [(2023) Beyond von Neumann Era: Brain-inspired Hyperdimensional Computing to the Rescue](https://dl.acm.org/doi/pdf/10.1145/3566097.3568354)\n* [(2023) Increasing attacker engagement on SSH honeypots using semantic embeddings of cyber-attack patterns and deep reinforcement learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10022206)\n* [(2023) Towards Dynamic Capture-The-Flag Training Environments For Reinforcement Learning Offensive Security Agents](https://ieeexplore.ieee.org/abstract/document/10020389)\n* [(2023) Leveraging Deep Reinforcement Learning for Automating Penetration Testing in Reconnaissance and Exploitation Phase](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10013801)\n* [(2023) HAXSS: Hierarchical Reinforcement Learning for XSS Payload Generation](http://wwwhomes.doc.ic.ac.uk/~maffeis/papers/trustcom22.pdf)\n* [(2023) A Transfer Double Deep Q Network Based DDoS Detection Method for Internet of Vehicles](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=10005139)\n* [(2023) Hierarchical reinforcement learning for efficient and effective automated penetration testing of large networks](https://link.springer.com/article/10.1007/s10844-022-00738-0)\n* [(2023) Prototyping an Agent for Dynamic Generation of Attack-Payloads in Web Application Vulnerability Assessment](https://www.researchgate.net/publication/379712682_Prototyping_an_Agent_for_Dynamic_Generation_of_Attack-Payloads_in_Web_Application_Vulnerability_Assessment)\n* [(2023) Deterring Adversarial Learning in Penetration Testing by Exploiting Domain Adaptation Theory](https://ieeexplore.ieee.org/document/10137792)\n* [(2023) Application of deep reinforcement learning in attacking and protecting structural features-based malicious PDF detector](https://www.sciencedirect.com/science/article/abs/pii/S0167739X22003740)\n* [(2023) ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning](https://www.mdpi.com/1424-8220/23/3/1231)\n* [(2022) Improved Deep Recurrent Q-Network of POMDPs for Automated Penetration Testing](https://www.mdpi.com/2076-3417/12/20/10339)\n* [(2022) Integrated Clinical Environment Security Analysis Using Reinforcement Learning](https://www.mdpi.com/2306-5354/9/6/253)\n* [(2022) Reinforcing Penetration Testing Using AI](https://www.researchgate.net/publication/362611895_Reinforcing_Penetration_Testing_Using_AI)\n* [(2022) DUSC-DQN:An Improved Deep Q-Network for Intelligent Penetration Testing Path Design](https://ieeexplore.ieee.org/document/9846482)\n* [(2022) Optimal strategy selection for attack graph games using deep reinforcement learning](https://ieeexplore.ieee.org/document/10074866)\n* [(2022) Deep Reinforcement Learning for FlipIt Security Game](https://arxiv.org/pdf/2002.12909.pdf)\n* [(2022) DRAGON: Deep Reinforcement Learning for Autonomous Grid Operation and Attack Detection](https://dl.acm.org/doi/10.1145/3564625.3567969)\n* [(2022) A Model-Free Approach to Intrusion Response Systems](https://www.sciencedirect.com/science/article/pii/S2214212622000400)\n* [(2022) Reinforcement Learning Agents for Simulating Normal and Malicious Actions in Cyber Range Scenarios](https://ceur-ws.org/Vol-3260/paper1.pdf)\n* [(2022) Sequential Topology Attack of Supply Chain Networks Based on Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/9970706)\n* [(2022) Defend to Defeat: Limiting Information Leakage in Defending against Advanced Persistent Threats](https://ieeexplore.ieee.org/abstract/document/9987540)\n* [(2022) How to Attack and Defend NextG Radio Access Network Slicing with Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9984930)\n* [(2022) Knowledge Guided Two-player Reinforcement Learning for Cyber Attacks and Defenses](https://ebiquity.umbc.edu/_file_directory_/papers/1173.pdf)\n* [(2022) Beyond CAGE: Investigating Generalization of Learned Autonomous Network Defense Policies](https://arxiv.org/pdf/2211.15557.pdf)\n* [(2022) Bridging Automated to Autonomous Cyber Defense: Foundational Analysis of Tabular Q-Learning.](https://dl.acm.org/doi/pdf/10.1145/3560830.3563732)\n* [(2022) Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing.](https://www.mdpi.com/2076-3417/12/21/11265)\n* [(2022) Model-Free Deep Reinforcement Learning in Software-Defined Networks.](https://www.semanticscholar.org/reader/fd2fc84bc8366962b90c1c8228ff12ad17154cbb)\n* [(2022) Hierarchical reinforcement learning guidance with threat avoidance.](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9940160)\n* [(2022) Exposing Surveillance Detection Routes via Reinforcement Learning, Attack Graphs, and Cyber Terrain.](https://arxiv.org/pdf/2211.03027.pdf)\n* [(2022) Cognitive Models of Dynamic Decisions in Autonomous Intelligent Cyber Defense.](https://www.researchgate.net/profile/Baptiste-Prebot/publication/364965185_Cognitive_Models_of_Dynamic_Decisions_in_Autonomous_Intelligent_Cyber_Defense/links/636165142f4bca7fd0229e7b/Cognitive-Models-of-Dynamic-Decisions-in-Autonomous-Intelligent-Cyber-Defense.pdf)\n* [(2022) Optimizing cybersecurity incident response decisions using deep reinforcement learning.](https://ijece.iaescore.com/index.php/IJECE/article/view/28164/16141)\n* [(2022) Robust Moving Target Defense against Unknown Attacks: A Meta-Reinforcement Learning Approach](https://www.cs.tulane.edu/~zzheng3/publication/metaRL-MTD.pdf)\n* [(2022) Learning Games for Defending Advanced Persistent Threats in Cyber Systems](https://ieeexplore.ieee.org/abstract/document/9923774)\n* [(2022) IEEE P2668-Compliant Multi-Layer IoT-DDoS Defense System Using Deep Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9916301)\n* [(2022) Privacy-Enhanced Intrusion Detection and Defense for Cyber-Physical Systems: A Deep Reinforcement Learning Approach](https://downloads.hindawi.com/journals/scn/2022/4996427.pdf)\n* [(2022) DeepThrottle: Deep Reinforcement Learning for Router Throttling to Defend Against DDoS Attack in SDN](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9894298)\n* [(2022) Breakthrough to Adaptive and Cost-Aware Hardware-Assisted Zero-Day Malware Detection: A Reinforcement Learning-Based Approach](https://www.researchgate.net/profile/Zhangying-He/publication/364290246_Breakthrough_to_Adaptive_and_Cost-Aware_Hardware-Assisted_Zero-Day_Malware_Detection_A_Reinforcement_Learning-Based_Approach/links/634384d82752e45ef6a78bc6/Breakthrough-to-Adaptive-and-Cost-Aware-Hardware-Assisted-Zero-Day-Malware-Detection-A-Reinforcement-Learning-Based-Approach.pdf)\n* [(2022) Mitigating Jamming Attack in 5G Heterogeneous Networks: A Federated Deep Reinforcement Learning Approach](https://ieeexplore.ieee.org/abstract/document/9914678)\n* [(2022) Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection](https://arxiv.org/pdf/2210.02840.pdf)\n* [(2022) Adaptive threat mitigation in SDN using improved D3QN](https://www.spiedigitallibrary.org/conference-proceedings-of-spie/12339/1233911/Adaptive-threat-mitigation-in-SDN-using-improved-D3QN/10.1117/12.2652679.full?SSO=1)\n* [(2022) A Comprehensive Survey on Security Attacks to Edge Server of IoT Devices through Reinforcement Learning](https://www.researchgate.net/profile/Anit-Kumar-6/publication/363832239_A_Comprehensive_Survey_on_Security_Attacks_to_Edge_Server_of_IoT_Devices_through_Reinforcement_Learning/links/632ffdab86b22d3db4de4061/A-Comprehensive-Survey-on-Security-Attacks-to-Edge-Server-of-IoT-Devices-through-Reinforcement-Learning.pdf)\n* [(2022) Smart Grid Worm Detection Based on Deep Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9880818)\n* [(2022) Deep reinforcement learning based IRS-assisted mobile edge computing under physical-layer security](https://www.sciencedirect.com/science/article/pii/S1874490722001732)\n* [(2022) Reinforcement Learning for Intrusion Detection: More Model Longness and Fewer Updates](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9893186)\n* [(2022) AutoDefense: Reinforcement Learning Based Autoreactive Defense Against Network Attacks](https://cs.ucf.edu/~mohaisen/doc/cns22.pdf)\n* [(2022) ProAPT: Projection of APT Threats with Deep Reinforcement Learning](https://arxiv.org/pdf/2209.07215.pdf)\n* [(2022) Reinforced Transformer Learning for VSI-DDoS Detection in Edge Clouds](https://ieeexplore.ieee.org/document/9878326/)\n* [(2022) H4rm0ny: A Competitive Zero-Sum Two-Player Markov Game for Multi-Agent Learning on Evasive Malware Generation and Detection](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9850345)\n* [(2022) Reinforcement Learning for Hardware Security: Opportunities, Developments, and Challenges](https://arxiv.org/pdf/2208.13885.pdf)\n* [(2022) Attrition: Attacking Static Hardware Trojan Detection Techniques Using Reinforcement Learning](https://arxiv.org/pdf/2208.12897.pdf)\n* [(2022) Deep Reinforcement Learning in the Advanced Cybersecurity Threat Detection and Protection](https://link.springer.com/article/10.1007/s10796-022-10333-x)\n* [(2022) ReCEIF: Reinforcement Learning-Controlled Effective Ingress Filtering](https://www.computer.org/csdl/proceedings-article/lcn/2022/09843478/1G9C5AMjieI)\n* [(2022) AutoCAT: Reinforcement Learning for Automated Exploration of Cache-Timing Attacks](https://arxiv.org/pdf/2208.08025.pdf)\n* [(2022) GPDS: A multi-agent deep reinforcement learning game for anti-jamming secure computing in MEC network](https://www.sciencedirect.com/science/article/pii/S0957417422015044)\n* [(2022) Reinforcement Learning based Adversarial Malware Example Generation Against Black-Box Detectors](https://www.sciencedirect.com/science/article/pii/S0167404822002632)\n* [(2022) SAC-AP: Soft Actor Critic based Deep Reinforcement Learning for Alert Prioritization](https://arxiv.org/pdf/2207.13666.pdf)\n* [(2022) How to Mitigate DDoS Intelligently in SD-IoV: A Moving Target Defense Approach](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9829332)\n* [(2022) ReLFA: Resist Link Flooding Attacks via Renyi Entropy and Deep Reinforcement Learning in SDN-IoT](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9837856)\n* [(2022) An Artificial Intelligence-Enabled Framework for Optimizing the Dynamic Cyber Vulnerability Management Process](https://arxiv.org/pdf/2208.02369.pdf)\n* [(2022) Eavesdropping Game Based on Multi-Agent Deep Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/9833927)\n* [(2022) A Hidden Attack Sequences Detection Method Based on Dynamic Reward Deep Deterministic Policy Gradient](https://www.hindawi.com/journals/scn/2022/1488344/)\n* [(2022) Security State Estimation for Cyber-Physical Systems against DoS Attacks via Reinforcement Learning and Game Theory](https://www.mdpi.com/2076-0825/11/7/192)\n* [(2022) Developing Optimal Causal Cyber-Defence Agents via Cyber Security Simulation](https://www.researchgate.net/publication/361638424_Developing_Optimal_Causal_Cyber-Defence_Agents_via_Cyber_Security_Simulation)\n* [(2022) Enabling intrusion detection systems with dueling double deep Q-learning](https://www.emerald.com/insight/content/doi/10.1108/DTS-05-2022-0016/full/pdf?title=enabling-intrusion-detection-systems-with-dueling-double-deep-italicqitalic-learning)\n* [(2022) MultiAgent Deep Reinforcement LearningDriven Mitigation of Adverse Effects of CyberAttacks on Electric Vehicle Charging Station](https://arxiv.org/pdf/2207.07041.pdf)\n* [(2022) XSS Adversarial Example Attacks Based on Deep Reinforcement Learning](https://www.sciencedirect.com/science/article/pii/S0167404822002255)\n* [(2022) Analyzing Multi-Agent Reinforcement Learning and Coevolution in Cybersecurity](https://dl.acm.org/doi/pdf/10.1145/3512290.3528844)\n* [(2022) AlphaSOC: Reinforcement Learning-based Cybersecurity Automation for Cyber-Physical Systems](https://ieeexplore.ieee.org/abstract/document/9797597?casa_token=CLYC6uNfXhgAAAAA:t8ohceSJb-eI-NeyhUFtizY_786VsCnFfLDe_zAh33be__HI31foWepaXvIhQ4PCF69_s3Vm)\n* [(2022) Online Cyber-Attack Detection in the Industrial Control System: A Deep Reinforcement Learning Approach](https://www.hindawi.com/journals/mpe/2022/2280871/)\n* [(2022) Detecting Cyber Attacks: A Reinforcement Learning Based Intrusion Detection System](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9813892)\n* [(2022) Robust Enhancement of Intrusion Detection Systems using Deep Reinforcement Learning and Stochastic Game](https://ieeexplore.ieee.org/abstract/document/9809923)\n* [(2022) irs-partition: An Intrusion Response System utilizing Deep Q-Networks and system partitions](https://www.sciencedirect.com/science/article/pii/S2352711022000796)\n* [(2022) Defensive deception framework against reconnaissance attacks in the cloud with deep reinforcement learning](http://scis.scichina.com/en/2022/170305.pdf)\n* [(2022) Captcha me if you can: Imitation Games with Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9797367)\n* [(2022) Deep-Reinforcement-Learning-Based QoS-Aware Secure Routing for SDN-IoT](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8935210)\n* [(2022) A generic scheme for cyber security in resource constraint network using incomplete information game](https://link.springer.com/content/pdf/10.1007/s12065-021-00684-w.pdf)\n* [(2022) A Layered Reference Model for Penetration Testing with Reinforcement Learning and Attack Graphs](https://arxiv.org/pdf/2206.06934.pdf)\n* [(2022) A flexible SDN-based framework for slow-rate DDoS attack mitigation by using deep reinforcement learning](https://www.sciencedirect.com/science/article/pii/S1084804522000960)\n* [(2022) Learning Security Strategies through Game Play and Optimal Stopping](https://arxiv.org/abs/2205.14694)\n* [(2022) Resilient Optimal Defensive Strategy of Micro-Grids System via Distributed Deep Reinforcement Learning Approach Against FDI Attack](https://ieeexplore.ieee.org/abstract/document/9783467)\n* [(2022) Data-driven Cyber-attack Detection of Intelligent Attacks in Islanded DC Microgrids](https://ieeexplore.ieee.org/abstract/document/9782082)\n* [(2022) Multiple Domain Cyberspace Attack and Defense Game Based on Reward Randomization Reinforcement Learning](https://arxiv.org/pdf/2205.10990.pdf)\n* [(2022) Cyber threat response using reinforcement learning in graph-based attack simulations](https://ieeexplore.ieee.org/abstract/document/9789835)\n* [(2022) Intrusion Prevention through Optimal Stopping](https://ieeexplore.ieee.org/document/9779345)\n* [(2022) Learning to Play an Adaptive Cyber Deception Game](https://optlearnmas22.github.io/files/paper10.pdf)\n* [(2022) Neural Fictitious Self-Play for Radar Anti-Jamming Dynamic Game with Imperfect Information](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9775208)\n* [(2022) A Reinforcement Learning Approach for Defending Against Multi-Scenario Load Redistribution Attacks](https://ieeexplore.ieee.org/abstract/document/9776523)\n* [(2022) A Proactive Eavesdropping Game in MIMO systems Based on Multi-Agent Deep Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/977039)\n* [(2022) FEAR: Federated Cyber-Attack Reaction in Distributed Software-Defined Networks with Deep Q-Network](https://ieeexplore.ieee.org/abstract/document/9768169)\n* [(2022) EvadeRL: Evading PDF Malware Classifiers with Deep Reinforcement Learning](https://www.hindawi.com/journals/scn/2022/7218800/)\n* [(2022) Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning](https://dl.acm.org/doi/pdf/10.1145/3485447.3512234)\n* [(2022) MERLIN - Malware Evasion with Reinforcement LearnINg](https://arxiv.org/pdf/2203.12980.pdf)\n* [(2022) DeepAir: Deep Reinforcement Learning for Adaptive Intrusion Response in Software-Defined Networks](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9732448)\n* [(2022) DroidRL: Reinforcement Learning Driven Feature Selection for Android Malware Detection](https://arxiv.org/pdf/2203.02719.pdf)\n* [(2022) MAB-Malware: A Reinforcement Learning Framework for Attacking Static Malware Classifiers](https://arxiv.org/pdf/2003.03100.pdf)\n* [(2022) Behaviour-Diverse Automatic Penetration Testing: A Curiosity-Driven Multi-Objective Deep Reinforcement Learning Approach](https://arxiv.org/pdf/2202.10630.pdf)\n* [(2022) Safe Exploration in Wireless Security: A Safe Reinforcement Learning Algorithm with Hierarchical Structure](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9705557)\n* [(2022) Discovering Exfiltration Paths Using Reinforcement Learning with Attack Graphs](https://arxiv.org/pdf/2201.12416.pdf)\n* [(2022) Multi-Agent Reinforcement Learning for Decentralized Resilient Secondary Control of Energy Storage Systems against DoS Attacks](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9676705)\n* [(2021) Network defense decision-making based on a stochastic game system and a deep recurrent Q-network](https://www.sciencedirect.com/science/article/pii/S0167404821003047)\n* [(2021) Discovering reflected cross-site scripting vulnerabilities using a multiobjective reinforcement learning environment](https://www.sciencedirect.com/science/article/pii/S0167404821003679)\n* [(2021) Enhancing the insertion of NOP instructions to obfuscate malware via deep reinforcement learning](https://www.sciencedirect.com/science/article/pii/S0167404821003679)\n* [(2021) Automating post-exploitation with deep reinforcement learning](https://www.sciencedirect.com/science/article/pii/S0167404820303813)\n* [(2021) Moving Target Defense as a Proactive Defense Element for Beyond 5G](https://ieeexplore.ieee.org/document/9579381)\n* [(2021) Network Resilience Under Epidemic Attacks: Deep Reinforcement Learning Network Topology Adaptations](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9686036)\n* [(2021) An Intrusion Response Approach for Elastic Applications Based on Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/9659882)\n* [(2021) Reinforcement Learning-assisted Threshold Optimization for Dynamic Honeypot Adaptation to Enhance IoBT Networks Security](https://ieeexplore.ieee.org/abstract/document/9660066)\n* [(2021) Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing](https://www.cs.ucr.edu/~heng/pubs/afl-hier.pdf)\n* [(2021) SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Reinforcement Learning](https://www.ndss-symposium.org/wp-content/uploads/ndss2021_3C-4_24188_paper.pdf)\n* [(2021) Reinforcement Learning for the Problem of Detecting Intrusion in a Computer System](https://link.springer.com/chapter/10.1007/978-981-16-2380-6_66)\n* [(2021) Timing Strategy for Active Detection of APT Attack Based on FlipIt Model and Q-learning Method](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9670619)\n* [(2021) Collaborative Multi-agent Reinforcement Learning for Intrusion Detection ](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9660402)\n* [(2021) ATMoS+: Generalizable Threat Mitigation in SDN Using Permutation Equivariant and Invariant Deep Reinforcement Learning](http://rboutaba.cs.uwaterloo.ca/Papers/Journals/2021/TsangCommMag21.pdf)\n* [(2021) Network Security Defense Decision-Making Method Based on Stochastic Game and Deep Reinforcement Learning](https://downloads.hindawi.com/journals/scn/2021/2283786.pdf)\n* [(2021) Solving Large-Scale Extensive-Form Network Security Games via Neural Fictitious Self-Play](https://arxiv.org/abs/2106.00897)\n* [(2021) An Efficient Parallel Reinforcement Learning Approach to Cross-Layer Defense Mechanism in Industrial Control Systems](https://ieeexplore.ieee.org/abstract/document/9650577)\n* [(2021) SDN-based Moving Target Defense using Multi-agent Reinforcement Learning](https://www.researchgate.net/publication/349991931_SDN-based_Moving_Target_Defense_using_Multi-agent_Reinforcement_Learning)\n* [(2021) Reinforcement Learning for Industrial Control Network Cyber Security Orchestration](https://arxiv.org/abs/2106.05332)\n* [(2021) Automating Privilege Escalation with Deep Reinforcement Learning](https://arxiv.org/abs/2110.01362)\n* [(2021) Multi-Agent Reinforcement Learning Framework in SDN-IoT for Transient Load Detection and Prevention](https://www.mdpi.com/2227-7080/9/3/44)\n* [(2021) Crown Jewels Analysis using Reinforcement Learning with Attack Graphs](https://arxiv.org/abs/2108.09358)\n* [(2021) Deep Q-Learning based Reinforcement Learning Approach for Network Intrusion Detection](https://arxiv.org/abs/2111.13978)\n* [(2021) Deep-Reinforcement-Learning-Based Intrusion Detection in Aerial Computing Networks](https://ieeexplore.ieee.org/document/9520324)\n* [(2021) Deep Reinforcement Learning for Securing Software Defined Industrial Networks with Distributed Control Plane](https://ieeexplore.ieee.org/document/9618870)\n* [(2021) Autonomous network cyber offence strategy through deep reinforcement learning](https://www.spiedigitallibrary.org/conference-proceedings-of-spie/11746/1174622/Autonomous-network-cyber-offence-strategy-through-deep-reinforcement-learning/10.1117/12.2585173.full?SSO=1)\n* [(2021) CyGIL: A Cyber Gym for Training Autonomous Agents over Emulated Network Systems](https://arxiv.org/abs/2109.03331)\n* [(2021) Constraints Satisfiability Driven Reinforcement Learning for Autonomous Cyber Defense](https://arxiv.org/abs/2104.08994#:~:text=Constraints%20Satisfiability%20Driven%20Reinforcement%20Learning%20for%20Autonomous%20Cyber%20Defense,-Ashutosh%20Dutta%2C%20Ehab\u0026text=The%20incorporation%20of%20SMT%20does,toward%20safe%20and%20effective%20actions.)\n* [(2021) Curious SDN for network attack mitigation](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9742225)\n* [(2021) Catch Me If You Learn: Real-Time Attack Detection and Mitigation in Learning Enabled CPS](https://ieeexplore.ieee.org/document/9622383)\n* [(2021) SyzVegas: Beating Kernel Fuzzing Odds with Reinforcement Learning](https://www.usenix.org/system/files/sec21-wang-daimeng.pdf)\n* [(2021) Network Environment Design for Autonomous Cyberdefense](https://arxiv.org/pdf/2103.07583.pdf)\n* [(2021) CybORG: A Gym for the Development of Autonomous Cyber Agents](https://arxiv.org/pdf/2108.09118.pdf)\n* [(2021) SQL Injections and Reinforcement Learning: An Empirical Evaluation of the Role of Action Structure](https://link.springer.com/chapter/10.1007/978-3-030-91625-1_6)\n* [(2021) Towards Autonomous Defense of SDN Networks Using MuZero Based Intelligent Agent](https://ieeexplore.ieee.org/abstract/document/9499101)\n* [(2021) Defense Against Advanced Persistent Threats in Smart Grids: A Reinforcement Learning Approach](https://ieeexplore.ieee.org/document/9549271)\n* [(2021) Deep hierarchical reinforcement agents for automated penetration testing](https://arxiv.org/abs/2109.06449)\n* [(2021) Adversarial Attack and Defense on Graph-based IoT Botnet Detection Approach](https://ieeexplore.ieee.org/document/9514255)\n* [(2021) Simulating a Logistics Enterprise Using an Asymmetrical Wargame Simulation with Soar Reinforcement Learning and Coevolutionary Algorithms](https://dl.acm.org/doi/pdf/10.1145/3449726.3463172)\n* [(2021) Deep Reinforcement Learning for Mitigating Cyber-Physical DER Voltage Unbalance Attacks](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9482815)\n* [(2021) Mixed Initiative Balance of Human-Swarm Teaming in Surveillance via Reinforcement learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9594355)\n* [(2021) Proximal Policy Based Deep Reinforcement Learning Approach for Swarm Robots ](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9499288)\n* [(2021) Using Deep Reinforcement Learning to Evade Web Application Firewalls](https://ieeexplore.ieee.org/document/9720473)\n* [(2021) Sequential Node Attack of Complex Networks based on Q-learning Method](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9401544)\n* [(2021) Learning Intrusion Prevention Policies through Optimal Stopping](https://arxiv.org/pdf/2106.07160.pdf)\n* [(2021) Using Cyber Terrain in Reinforcement Learning for Penetration Testing](https://arxiv.org/abs/2108.07124)\n* [(2021) Reinforcement learning based self-adaptive moving target defense against DDoS attacks](https://www.researchgate.net/publication/349576214_Reinforcement_learning_based_self-adaptive_moving_target_defense_against_DDoS_attacks)\n* [(2021) Modeling, Detecting, and Mitigating Threats Against Industrial Healthcare Systems: A Combined Software Defined Networking and Reinforcement Learning Approach](https://ieeexplore.ieee.org/document/9470933)\n* [(2021) Lightweight IDS For UAV Networks: A Periodic Deep Reinforcement Learning-based Approach](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9463947)\n* [(2021) DESOLATER: Deep Reinforcement Learning-Based Resource Allocation and Moving Target Defense Deployment Framework](https://ieeexplore.ieee.org/document/9418999)\n* [(2021) RAIDER: Reinforcement-aided Spear Phishing Detector](https://arxiv.org/abs/2105.07582)\n* [(2021) DDoS Mitigation Based on Space-Time Flow Regularities in IoV: A Feature Adaption Reinforcement Learning Approach](https://ieeexplore.ieee.org/document/9408414)\n* [(2021) Power system structure optimization based on reinforcement learning and sparse constraints under DoS attacks in cloud environments](https://www.sciencedirect.com/science/article/pii/S1569190X21000034)\n* [(2021) Network Abnormal Traffic Detection Model Based on Semi-Supervised Deep Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9577211)\n* [(2021) An adaptive honeypot using Q-Learning with severity analyzer](https://www.researchgate.net/publication/350743085_An_adaptive_honeypot_using_Q-Learning_with_severity_analyzer)\n* [(2021) Game-Theoretic Actor–Critic-Based Intrusion Response Scheme (GTAC-IRS) for Wireless SDN-Based IoT Networks](https://ieeexplore.ieee.org/document/9162048)\n* [(2021) A Reinforcement Learning Approach for Dynamic Information Flow Tracking Games for Detecting Advanced Persistent Threats](https://arxiv.org/pdf/2007.00076.pdf)\n* [(2021) Deep Reinforcement Learning for Backup Strategies against Adversaries](https://arxiv.org/pdf/2102.06632.pdf)\n* [(2021) A Secure Learning Control Strategy via Dynamic Camouflaging for Unknown Dynamical Systems under Attacks](https://arxiv.org/pdf/2102.00573.pdf)\n* [(2020) Learning and Planning in the Feature Deception Problem](https://arxiv.org/pdf/1905.04833.pdf)\n* [(2020) Machine Learning Cyberattack and Defense Strategies](https://www.sciencedirect.com/science/article/pii/S0167404818309799)\n* [(2020) Reinforcement Learning for Attack Mitigation in SDN-enabled Networks](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9165383)\n* [(2020) Per-Host DDoS Mitigation by Direct-Control Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8935157)\n* [(2020) Game Theory and Reinforcement Learning Based Secure Edge Caching in Mobile Social Networks](https://ieeexplore.ieee.org/document/9036917)\n* [(2020) A New Black Box Attack Generating Adversarial Examples Based on Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9123270)\n* [(2020) Deep Reinforcement Adversarial Learning Against Botnet Evasion Attacks](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9226405)\n* [(2020) Deep Reinforcement Learning for Adaptive Cyber Defense and Attacker’s Pattern Identification](https://link.springer.com/book/10.1007/978-3-030-19353-9)\n* [(2020) Reinforcement Learning Based Approach for Flip Attack Detection](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9303818)\n* [(2020) Reinforcement Learning in FlipIt](https://arxiv.org/pdf/2002.12909.pdf)\n* [(2020) CPSS LR-DDoS Detection and Defense in Edge Computing Utilizing DCNN Q-Learning](https://ieeexplore.ieee.org/document/9016201)\n* [(2020) Multi-agent Reinforcement Learning in Bayesian Stackelberg Markov Games for Adaptive Moving Target Defense](https://arxiv.org/abs/2007.10457)\n* [(2020) An Intelligent Deployment Policy for Deception Resources Based on Reinforcement Learning](https://ieeexplore.ieee.org/document/9001034)\n* [(2020) Defense Against Advanced Persistent Threats: Optimal Network Security Hardening Using Multi-stage Maze Network Game](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9219722)\n* [(2020) Automated Adversary Emulation for Cyber-Physical Systems via Reinforcement Learning](https://arxiv.org/abs/2011.04635)\n* [(2020) DRL-FAS: A Novel Framework Based on Deep Reinforcement Learning for Face Anti-Spoofing](https://arxiv.org/abs/2009.07529)\n* [(2020) Q-Bully: A Reinforcement Learning based Cyberbullying Detection Framework](https://ieeexplore.ieee.org/document/9154092)\n* [(2020) Application-Layer DDoS Defense with Reinforcement Learning](https://ieeexplore.ieee.org/document/9213026)\n* [(2020) DQ-MOTAG: Deep Reinforcement Learning-based Moving Target Defense Against DDoS Attacks](https://ieeexplore.ieee.org/document/9172847)\n* [(2020) A Hybrid Game Theory and Reinforcement Learning Approach for Cyber-Physical Systems Security](https://ieeexplore.ieee.org/document/9110453)\n* [(2020) Machine Learning Cyberattack and Defense Strategies](https://www.sciencedirect.com/science/article/pii/S0167404818309799)\n* [(2020) Automated Post-Breach Penetration Testing through Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/9162301)\n* [(2020) DeepBLOC: A Framework for Securing CPS through Deep Reinforcement Learning on Stochastic Games](https://ieeexplore.ieee.org/document/9162219)\n* [(2020) Deep Reinforcement Learning for DER Cyber-Attack Mitigation](https://arxiv.org/abs/2009.13088)\n* [(2020) Adaptive Cyber Defense Against Multi-Stage Attacks Using Learning-Based POMDP](https://dl.acm.org/doi/abs/10.1145/3418897)\n* [(2020) Using Knowledge Graphs and Reinforcement Learning for Malware Analysis](https://ebiquity.umbc.edu/_file_directory_/papers/1053.pdf)\n* [(2020) Autonomous Security Analysis and Penetration Testing](https://ieeexplore.ieee.org/document/939428)\n* [(2020) POMDP + Information-Decay: Incorporating Defender's Behaviour in Autonomous Penetration Testing](https://ojs.aaai.org/index.php/ICAPS/article/view/6666/6520)\n* [(2020) ATMoS: Autonomous Threat Mitigation in SDN using Reinforcement Learning](https://ieeexplore.ieee.org/document/9110426)\n* [(2020) Modeling Penetration Testing with Reinforcement Learning Using Capture-the-Flag Challenges: Trade-offs between Model-free Learning and A Priori Knowledge](https://arxiv.org/pdf/2005.12632.pdf)\n* [(2020) Finding Effective Security Strategies through Reinforcement Learning and Self-Play](https://arxiv.org/abs/2009.08120)\n* [(2020) AFRL: Adaptive federated reinforcement learning for intelligent jamming defense in FANET](https://ieeexplore.ieee.org/document/9143577)\n* [(2020) Reinforcement Learning for Efficient Network Penetration Testing](https://www.mdpi.com/2078-2489/11/1/6)\n* [(2020) The Agent Web Model -- Modelling web hacking for reinforcement learning](https://arxiv.org/abs/2009.11274)\n* [(2020) Stochastic Dynamic Information Flow Tracking Game using Supervised Learning for Detecting Advanced Persistent Threats](https://arxiv.org/abs/2007.12327)\n* [(2020) Reinforcement Learning Based PHY Authentication for VANETs](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8961122)\n* [(2020) Deep Reinforcement Learning for Cybersecurity Assessment of Wind Integrated Power Systems](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=9261465)\n* [(2020) Smart Security Audit: Reinforcement Learning with a Deep Neural Network Approximator](https://ieeexplore.ieee.org/abstract/document/9139683)\n* [(2020) Quickest Detection of Advanced Persistent Threats: A Semi-Markov Game Approach](https://ieeexplore.ieee.org/document/9095996)\n* [(2020) Distributed Reinforcement Learning for Cyber-Physical System With Multiple Remote State Estimation Under DoS Attacker](https://ieeexplore.ieee.org/abstract/document/9174773)\n* [(2020) Secure Crowdsensing in 5G Internet of Vehicles: When Deep Reinforcement Learning Meets Blockchain](https://ieeexplore.ieee.org/document/9311241)\n* [(2020) Deep Reinforcement Learning based Intrusion Detection System for Cloud Infrastructure](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9027452)\n* [(2020) Application of deep reinforcement learning to intrusion detection for supervised problems](https://www.sciencedirect.com/science/article/pii/S0957417419306815)\n* [(2019) A game-theoretic method based on Q-learning to invalidate criminal smart contracts](https://www.sciencedirect.com/science/article/pii/S0020025519304645)\n* [(2019) A Performance Evaluation of Deep Reinforcement Learning for Model-Based Intrusion Response](https://www.cse.msstate.edu/wp-content/uploads/2019/11/ic12.pdf)\n* [(2019) Deep Q-Learning and Particle Swarm Optimization for Bot Detection in Online Social Networks](https://ieeexplore.ieee.org/document/8944493)\n* [(2019) Finding Needles in a Moving Haystack: Prioritizing Alerts with Adversarial Reinforcement Learning](https://arxiv.org/abs/1906.08805)\n* [(2019) Evaluation of Reinforcement Learning-Based False Data Injection Attack to Automatic Voltage Control](https://ieeexplore.ieee.org/document/8248780)\n* [(2019) Study of Learning of Power Grid Defense Strategy in Adversarial Stage Game](https://ieeexplore.ieee.org/document/8834202)\n* [(2019) Learning to Cope with Adversarial Attacks](https://arxiv.org/abs/1906.12061)\n* [(2019) Learning Distributed Cooperative Policies for Security Games via Deep Reinforcement Learning](https://ieeexplore.ieee.org/abstract/document/8753973)\n* [(2019) An Efficient Reinforcement Learning-Based Botnet Detection approach](http://nrl.northumbria.ac.uk/id/eprint/41349/1/JNCA_1.pdf)\n* [(2019) Strategic Learning for Active, Adaptive, and Autonomous Cyber Defense](https://arxiv.org/abs/1907.01396)\n* [(2019) QFlip: An Adaptive Reinforcement Learning Strategy for the FlipIt Security Game](https://arxiv.org/abs/1906.11938)\n* [(2019) Solving Cyber Alert Allocation Markov Games with Deep Reinforcement Learning](https://link.springer.com/chapter/10.1007/978-3-030-32430-8_11)\n* [(2019) Adaptive Honeypot Engagement Through Reinforcement Learning of Semi-Markov Decision Processes](https://link.springer.com/chapter/10.1007/978-3-030-32430-8_13)\n* [(2019) Detecting Phishing Websites through Deep Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8754075)\n* [(2019) Adversarial Deep Reinforcement Learning based Adaptive Moving Target Defense](https://arxiv.org/abs/1911.11972)\n* [(2019) Autonomous Penetration Testing using Reinforcement Learning](https://arxiv.org/abs/1905.05965)\n* [(2019) A Multistage Game in Smart Grid Security: A Reinforcement Learning Solution](https://ieeexplore.ieee.org/document/8603817)\n* [(2019) Automating Penetration Testing using Reinforcement Learning](https://stefann.eu/files/Automating%20Penetration%20Testing%20using%20Reinforcement%20Learning.pdf)\n* [(2019) Reinforcement Learning-Based DoS Mitigation in Software Defined Networks](https://www.springerprofessional.de/en/reinforcement-learning-based-dos-mitigation-in-software-defined-/17630266)\n* [(2019) Adversarial attack and defense in reinforcement learning-from AI security view](https://cybersecurity.springeropen.com/track/pdf/10.1186/s42400-019-0027-x.pdf)\n* [(2019) A Learning-Based Solution for an Adversarial Repeated Game in Cyber–Physical Power Systems](https://par.nsf.gov/servlets/purl/10280062)\n* [(2019) Reinforcement Learning for Cyber-Physical Security Assessment of Power Systems](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8810568)\n* [(2019) Empowering Reinforcement Learning on Big Sensed Data for Intrusion Detection](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8761575)\n* [(2019) Cyber-Attack Recovery Strategy for Smart Grid Based on Deep Reinforcement Learning](https://ieeexplore.ieee.org/document/8915727)\n* [(2019) Deep Reinforcement Learning for Partially Observable Data Poisoning Attack in Crowdsensing Systems](https://ieeexplore.ieee.org/document/8945245)\n* [(2019) Adaptive Alert Management for Balancing Optimal Performance among Distributed CSOCs using Reinforcement Learning](https://ieeexplore.ieee.org/document/8762232)\n* [(2018) Simulating SQL Injection Vulnerability Exploitation Using Q-Learning Reinforcement Learning Agents](https://arxiv.org/abs/2101.03118)\n* [(2018) Security in Mobile Edge Caching with Reinforcement Learning](https://ieeexplore.ieee.org/document/8403961)\n* [(2018) Detection of online phishing email using dynamic evolving neural network based on reinforcement learning](https://www.sciencedirect.com/science/article/pii/S0167923618300010)\n* [(2018) A reinforcement learning approach for attack graph analysis](https://researchonline.gcu.ac.uk/ws/portalfiles/portal/26084628/H.Tianfield_attack_graph.pdf)\n* [(2018) Reinforcement Learning for Autonomous Defence in Software-Defined Networking](https://arxiv.org/abs/1808.05770)\n* [(2018) Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning](https://arxiv.org/abs/1801.08917)\n* [(2018) Autonomic Computer Network Defence Using Risk State and Reinforcement Learning](https://www.ccdcoe.org/uploads/2018/10/17_BEAUDOIN-Autonomic-Computer-Network-Defence.pdf)\n* [(2018) Reinforcement Learning for Intelligent Penetration Testing](https://ieeexplore.ieee.org/document/8611595)\n* [(2018) Autonomous Intelligent Cyber-defense Agent (AICA) Reference Architecture](https://arxiv.org/abs/1803.10664)\n* [(2018) Deep reinforecement learning based optimal defense for cyber-physical system in presence of unknown cyber-attack](https://ieeexplore.ieee.org/document/8285298)\n* [(2018) Adversarial Reinforcement Learning for Observer Design in Autonomous Systems under Cyber Attacks](https://arxiv.org/abs/1809.06784)\n* [(2018) Machine learning for autonomous cyber defense](https://www.nsa.gov/portals/75/documents/resources/everyone/digital-media-center/publications/the-next-wave/TNW-22-1.pdf)\n* [(2018) Online Cyber-Attack Detection in Smart Grid: A Reinforcement Learning Approach](https://arxiv.org/abs/1809.05258)\n* [(2018) Deep Reinforcement Learning based Smart Mitigation of DDoS Flooding in Software-Defined Networks](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8514971)\n* [(2018) Off-Policy Q-learning Technique for Intrusion Response in Network Security](https://www.semanticscholar.org/paper/Off-Policy-Q-learning-Technique-for-Intrusion-in-Stefanova-Ramachandran/737667620f7696ad2089808eb810f8a95ee2a1e3#extracted)\n* [(2018) UAV Relay in VANETs Against Smart Jamming With Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8246580)\n* [(2018) A Game-Theoretical Approach to Cyber-Security of Critical Infrastructures Based on Multi-Agent Reinforcement Learning](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\u0026arnumber=8442695)\n* [(2018) Security in Mobile Edge Caching with Reinforcement Learning](https://arxiv.org/pdf/1801.05915.pdf)\n* [(2018) Robotics CTF (RCTF), a playground for robot hacking](https://arxiv.org/abs/1810.02690)\n* [(2018) NIDSRL: Network Based Intrusion Detection System Using Reinforcement Learning ](https://www.researchtrend.net/ijeece/pdf/IJEECE-1093-DARSHANA%20KAMAVISDAR.pdf)\n* [(2018) An IRL Approach for Cyber-Physical Attack Intention Prediction and Recovery](https://ieeexplore.ieee.org/document/8430922)\n* [(2018) QRASSH - A Self-Adaptive SSH Honeypot Driven by Q-Learning](https://ieeexplore.ieee.org/document/8430922)\n* [(2018) Using Reinforcement Learning to Conceal Honeypot Functionality](https://www.semanticscholar.org/paper/Using-Reinforcement-Learning-to-Conceal-Honeypot-Dowling-Schukat/a081d7606d18dc6e30a7b0395faf7909e84c721c)\n* [(2018) Improving adaptive honeypot functionality with efficient reinforcem","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FLimmen%2Fawesome-rl-for-cybersecurity","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FLimmen%2Fawesome-rl-for-cybersecurity","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FLimmen%2Fawesome-rl-for-cybersecurity/lists"}