A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding
Faced with challenges posed by sophisticated cyber attacks and dynamic characteristics of cyberspace, the autonomous cyber defense (ACD) technology has shown its effectiveness. However, traditional decision-making methods for ACD are unable to effectively characterize the network topology and intern...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-06-01
|
| Series: | Entropy |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1099-4300/27/6/622 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850168270045315072 |
|---|---|
| author | Zhen Wang Yongjie Wang Xinli Xiong Qiankun Ren Jun Huang |
| author_facet | Zhen Wang Yongjie Wang Xinli Xiong Qiankun Ren Jun Huang |
| author_sort | Zhen Wang |
| collection | DOAJ |
| description | Faced with challenges posed by sophisticated cyber attacks and dynamic characteristics of cyberspace, the autonomous cyber defense (ACD) technology has shown its effectiveness. However, traditional decision-making methods for ACD are unable to effectively characterize the network topology and internode dependencies, which makes it difficult for defenders to identify key nodes and critical attack paths. Therefore, this paper proposes an enhanced decision-making method combining graph embedding with reinforcement learning algorithms. By constructing a game model for cyber confrontations, this paper models important elements of the network topology for decision-making, which guide the defender to dynamically optimize its strategy based on topology awareness. We improve the reinforcement learning with the Node2vec algorithm to characterize information for the defender from the network. And, node attributes and network structural features are embedded into low-dimensional vectors instead of using traditional one-hot encoding, which can address the perceptual bottleneck in high-dimensional sparse environments. Meanwhile, the algorithm training environment Cyberwheel is extended by adding new fine-grained defense mechanisms to enhance the utility and portability of ACD. In experiments, our decision-making method based on graph embedding is compared and analyzed with traditional perception methods. The results show and verify the superior performance of our approach in the strategy selection of defensive decision-making. Also, diverse parameters of the graph representation model Node2vec are analyzed and compared to find the impact on the enhancement of the embedding effectiveness for the decision-making of ACD. |
| format | Article |
| id | doaj-art-06f845b510314a62aa779294045ae76d |
| institution | OA Journals |
| issn | 1099-4300 |
| language | English |
| publishDate | 2025-06-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Entropy |
| spelling | doaj-art-06f845b510314a62aa779294045ae76d2025-08-20T02:21:01ZengMDPI AGEntropy1099-43002025-06-0127662210.3390/e27060622A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph EmbeddingZhen Wang0Yongjie Wang1Xinli Xiong2Qiankun Ren3Jun Huang4College of Electronic Engineering, National University of Defense Technology, Hefei 230037, ChinaCollege of Electronic Engineering, National University of Defense Technology, Hefei 230037, ChinaCollege of Electronic Engineering, National University of Defense Technology, Hefei 230037, ChinaCollege of Electronic Engineering, National University of Defense Technology, Hefei 230037, ChinaCollege of Electronic Engineering, National University of Defense Technology, Hefei 230037, ChinaFaced with challenges posed by sophisticated cyber attacks and dynamic characteristics of cyberspace, the autonomous cyber defense (ACD) technology has shown its effectiveness. However, traditional decision-making methods for ACD are unable to effectively characterize the network topology and internode dependencies, which makes it difficult for defenders to identify key nodes and critical attack paths. Therefore, this paper proposes an enhanced decision-making method combining graph embedding with reinforcement learning algorithms. By constructing a game model for cyber confrontations, this paper models important elements of the network topology for decision-making, which guide the defender to dynamically optimize its strategy based on topology awareness. We improve the reinforcement learning with the Node2vec algorithm to characterize information for the defender from the network. And, node attributes and network structural features are embedded into low-dimensional vectors instead of using traditional one-hot encoding, which can address the perceptual bottleneck in high-dimensional sparse environments. Meanwhile, the algorithm training environment Cyberwheel is extended by adding new fine-grained defense mechanisms to enhance the utility and portability of ACD. In experiments, our decision-making method based on graph embedding is compared and analyzed with traditional perception methods. The results show and verify the superior performance of our approach in the strategy selection of defensive decision-making. Also, diverse parameters of the graph representation model Node2vec are analyzed and compared to find the impact on the enhancement of the embedding effectiveness for the decision-making of ACD.https://www.mdpi.com/1099-4300/27/6/622autonomous cyber defenseintelligent decision-makinggraph embeddingreinforcement learning |
| spellingShingle | Zhen Wang Yongjie Wang Xinli Xiong Qiankun Ren Jun Huang A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding Entropy autonomous cyber defense intelligent decision-making graph embedding reinforcement learning |
| title | A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding |
| title_full | A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding |
| title_fullStr | A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding |
| title_full_unstemmed | A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding |
| title_short | A Novel Framework for Enhancing Decision-Making in Autonomous Cyber Defense Through Graph Embedding |
| title_sort | novel framework for enhancing decision making in autonomous cyber defense through graph embedding |
| topic | autonomous cyber defense intelligent decision-making graph embedding reinforcement learning |
| url | https://www.mdpi.com/1099-4300/27/6/622 |
| work_keys_str_mv | AT zhenwang anovelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT yongjiewang anovelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT xinlixiong anovelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT qiankunren anovelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT junhuang anovelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT zhenwang novelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT yongjiewang novelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT xinlixiong novelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT qiankunren novelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding AT junhuang novelframeworkforenhancingdecisionmakinginautonomouscyberdefensethroughgraphembedding |