Browsing by Author "ALMAMMA Amir"

Now showing 1 - 1 of 1
  • Thumbnail Image
    Item
    investigation of Poisoning Effects and Defensive Measures on Reinforcement Learning-based Intrusion Response via Optimal Stopping
    (Tassadit, 2025-01-21) ALMAMMA Amir
    As cyber infrastructures become increasingly complex and integral to critical sectors like finance, healthcare, and national security, the need for advanced security systems continues to grow. Intrusion Detection System (IDS) have become a cornerstone in de tecting and mitigating a wide range of cyber threats. However, as attacks become more sophisticated, there is a pressing need for systems that not only detect intrusions but also autonomously deploy defensive actions in real-time without human intervention. This engineering report focuses on the development of poisoning strategies aimed at compromising the training process of Reinforcement Learning (RL)-based agents in active IDS. It also proposes defensive measures to mitigate the adverse effects of such poisoning attacks, including the implementation of a dynamic reward adjustment framework through a MetaAgent strategy. The effectiveness of these strategies was evaluated within the Cyber Security Learning Environment (CSLE) framework, exploring the impact of poisoning on intrusion length and agent performance. Furthermore, the report highlights the challenges faced during the experiments, partic ularly the limitations in computational resources, which constrained the ability to conduct large-scale experiments. Future work will explore alternative defensive strategies and fur ther investigate methods to enhance the robustness of RL-driven IDS