Data Analytics for the Cyber Security of an Information System Based on a Markov Decision Process Model
- 1 Institute for Systems Engineering Research, Mississippi State University, Vicksburg, MS 39180, United States
Abstract
Intrusion detection is an important research topic in information systems and cyber security. Both a defender and an attacker detect and learn about each other during an intrusion process. The defender can expel the attacker as soon as the attacker is detected or wait and observe to know more about the attacker for the detection and prevention of other attacks in the future. An optimal decision is often required in this situation. Data analytics is conducted to achieve an optimal decision for the cyber security of an information system based on a Markov Decision Process (MDP) model in this study. The state of the information system is completely observable in the model. The model is validated using various algorithms that include policy iteration, value iteration, and Q-learning. Data analytics over a finite planning horizon and an infinite planning horizon is conducted, respectively. The expected total cost for each state is analyzed at various parameters of the transition probability and various parameters of the transition cost.
DOI: https://doi.org/10.3844/ajeassp.2022.288.294
Copyright: © 2022 Lidong Wang, Randy Jones and Terril C. Falls. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 1,945 Views
- 950 Downloads
- 0 Citations
Download
Keywords
- Cyber Security
- Information System
- Markov Decision Process
- Data Analytics
- Q-Learning