Deep Reinforcement Learning Approach for Cyberattack Detection

Authors

  • Imad Tareq Faculty of Computer and Information Sciences, Ain Shams University, Cairo, Egypt.
  • Bassant Mohamed Elbagoury Faculty of Computer Science and Computer Engineering King Salman International Uni-versity. Faculty of Computer Science and information sciences Ain Shams University, Egypt.
  • Salsabil Amin El-Regaily Faculty of Computer and Information Sciences, Ain Shams University, Cairo, Egypt.
  • El-Sayed M. El-Horbaty Faculty of Computer and Information Sciences, Ain Shams University, Cairo, Egypt.

DOI:

https://doi.org/10.3991/ijoe.v20i05.48229

Keywords:

Network Security, deep reinforcement learning, cyber-attacks, cyber-defense, Double Deep Q-Network, policy gradient.

Abstract


Recently, there has been a growing concern regarding the detrimental effects of cyberattacks on both infrastructure and users. Conventional safety measures, such as encryption, firewalls, and intrusion detection, are inadequate to safeguard cyber systems against emerging and evolving threats. To address this issue, researchers have turned to reinforcement learning (RL) as a potential solution for complex decision-making problems in cybersecurity. However, the application of RL faces various obstacles, including a lack of suitable training data, dynamic attack scenarios, and challenges in modeling real-world complexities. This paper suggests applying deep reinforcement learning (DRL), a deep framework, to simulate malicious cyberattacks and enhance cybersecurity. Our framework utilizes an agent-based model that is capable of continuous learning and adaptation within a dynamic network security environment. The agent determines the most optimal course of action based on the network’s state and the corresponding rewards received for its decisions. We present the outcomes of our experimentation with the application of DRL on a specific model, double deep Q-network (DDQN), utilizing policy gradient (PG) on three distinct datasets: NSL-KDD, CIC-IDS-2018, and AWID. Our research demonstrates that DRL can effectively improve cyberattack detection outcomes through our model and specific parameter adjustments.

Cover iJOE – Vol 20, No 05, 2024

Downloads

Published

2024-03-15

How to Cite

Tareq, I., Elbagoury, B. M., El-Regaily, S. A., & El-Horbaty, E.-S. M. (2024). Deep Reinforcement Learning Approach for Cyberattack Detection. International Journal of Online and Biomedical Engineering (iJOE), 20(05), pp. 15–30. https://doi.org/10.3991/ijoe.v20i05.48229

Issue

Vol. 20 No. 05 (2024)

Section

Papers

License

Copyright (c) 2024 Haider TH.Salim ALRikabi (Submitter); Imad Tareq, Bassant M. Elbagoury, Salsabil El-Regaily, El-Sayed M. El-Horbaty

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The submitting author warrants that the submission is original and that she/he is the author of the submission together with the named co-authors; to the extend the submission incorporates text passages, figures, data or other material from the work of others, the submitting author has obtained any necessary permission.
Articles in this journal are published under the Creative Commons Attribution Licence (CC-BY What does this mean?). This is to get more legal certainty about what readers can do with published articles, and thus a wider dissemination and archiving, which in turn makes publishing with this journal more valuable for you, the authors.
By submitting an article the author grants to this journal the non-exclusive right to publish it. The author retains the copyright and the publishing rights for his article without any restrictions.