Investigating the Efficacy of Deep Reinforcement Learning Models in Detecting and Mitigating Cyber-attacks: a Novel Approach

S. Phani Praveen*¹, Anuradha Chokka², Pappula Sarala³, Rajeswari Nakka⁴, Suresh Babu Chandolu⁵, V. Esther Jyothi⁶

¹Department of CSE, PVP Siddhartha Institute of Technology, Vijayawada, A.P, India

²Department of CSE, Koneru Lakshmaiah Education Foundation, Vaddeswaram, Guntur, AP, India

³Department of CSE, Lakireddy Bali Reddy College of Engineering, Mylavaram, AP, India

⁴Department of Computer Science and Engineering, Seshadri Rao Gudlavalleru Engineering College, Gudlavalleru, India

⁵Department of CSE, Dhanekula Institute of Engineering and Technology, Gangur, Vijayawada, A.P, India

⁶Department of Computer Applications, Velagapudi Ramakrishna Siddhartha

Engineering College, Vijayawada, A.P, India

Emails: phani.0713@gmail.com; dranuradha@kluniversity.in; saralapappula05@gmail.com; rajeswari.gec@gmail.com; suresh.chandolu@gmail.com; vejyothi@vrsiddhartha.ac.in

* Corresponding Author: phani.0713@gmail.com

Abstract

Ordinary defence components like rule-based firewalls and mark based detection are not staying aware of the always expanding intricacy and frequency of cyber security dangers. The reason for this work is to explore the way that deep reinforcement learning (DRL), a subfield of artificial intelligence famous for its viability in handling testing decision-production situations, may be utilized to improve cyber security conventions. To mimic and balance threatening cyber-attacks, we present a system that utilizes deep reinforcement learning (DRL). We propose a specialist based model that can learn and adjust ceaselessly in powerful network security situations. In light of the present status of the network and the rewards it gets for its decisions, the specialist concludes what the best game-plans are. Specifically, we utilize the policy gradient (PG)- based double deep Q-network (DDQN) model and trial on three different datasets: NSL-KDD, CIC-IDS, and AWID. Our review demonstrates the way that DRL can really further develop the detection after-effects of cyber-attacks. Utilizing the policy gradient DDQN model on different datasets, we find prominent upgrades in cyber security conventions. Specific boundary modifications upgrade the viability of our philosophy much more, displaying empowering results on different datasets. This exploration features the potential of deep reinforcement learning (DRL) as a successful instrument in the field of cyber security. Our examination progresses detection techniques and gives a versatile arrangement that can be applied to an assortment of cyber security worries by giving areas of strength for a to demonstrating and relieving cyber dangers.

Keywords: Deep reinforcement learning; Detection; Cyber-attacks; Network security; Double deep Q-network; Policy gradient.