Adaptive Learning for Moving Target defence: Enhancing Cybersecurity Strategies

TL;DR

This paper models Moving Target Defense as a stochastic game, proposing a threshold-based reinforcement learning approach to optimize strategies for both attackers and defenders, thereby improving cybersecurity resilience.

Contribution

It introduces a structure-aware policy gradient algorithm for MTD, enabling adaptive, equilibrium-seeking strategies in cybersecurity defense.

Findings

Optimal strategies follow a threshold structure

The proposed algorithm converges to Nash equilibrium

Enhanced defender adaptability improves security outcomes

Abstract

In this work, we model Moving Target Defence (MTD) as a partially observable stochastic game between an attacker and a defender. The attacker tries to compromise the system through probing actions, while the defender minimizes the risk by reimaging the system, balancing between performance cost and security level. We demonstrate that the optimal strategies for both players follow a threshold structure. Based on this insight, we propose a structure-aware policy gradient reinforcement learning algorithm that helps both players converge to the Nash equilibrium. This approach enhances the defender's ability to adapt and effectively counter evolving threats, improving the overall security of the system. Finally, we validate the proposed method through numerical simulations.