Multiple deception resources deployment strategy based on reinforcement learning for network threat mitigation
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Nature Portfolio, 2025-05-01 |
| Series: | Scientific Reports |
| Online Access: | https://doi.org/10.1038/s41598-025-00348-0 |
| Summary: | The Advanced Persistent Threat (APT) poses significant security challenges to the availability and reliability of government and enterprise information systems. Because APTs are highly concealed and long-lasting, industry and academia typically adopt active defense methods to combat them. Deploying deception defense (DD) methods such as honeypots can effectively confuse the attacker about the target. In practice, however, honeypots are usually deployed in resource-constrained systems, so how to deploy deception resources effectively is an urgent problem. This paper proposes a reinforcement-learning-based algorithm that generates deployment strategies for multiple types of deception resources, aimed at the network reconnaissance stage of an APT. By analyzing the network assets and the attack process, the algorithm balances the two dimensions of defense effectiveness and defense cost when generating the deployment strategy for deception resources. The experimental results show that, compared to other baselines, the proposed algorithm achieves a defensive success probability of 97.09% while reducing the attack probability of the target asset by at least 10.34%. This effectively reduces defense costs while ensuring defense efficiency. In addition, the algorithm demonstrates good convergence and stability. |
| ISSN: | 2045-2322 |