An Online Framework for Adapting Security Policies in Dynamic IT Environments

Title: An Online Framework for Adapting Security Policies in Dynamic IT Environments
Publication Type: Conference Paper
Year of Publication: 2022
Authors: Hammar, Kim; Stadler, Rolf
Conference Name: 2022 18th International Conference on Network and Service Management (CNSM)
Keywords: Adaptation models, composability, Data models, digital twin, digital twins, dynamic networks, Dynamical Systems, Markov Decision Process, MDP, Metrics, Network security, pomdp, pubcrawl, reinforcement learning, resilience, Resiliency, security, security management, System Identification
Abstract

We present an online framework for learning and updating security policies in dynamic IT environments. It includes three components: a digital twin of the target system, which continuously collects data and evaluates learned policies; a system identification process, which periodically estimates system models based on the collected data; and a policy learning process that is based on reinforcement learning. To evaluate our framework, we apply it to an intrusion prevention use case that involves a dynamic IT infrastructure. Our results demonstrate that the framework automatically adapts security policies to changes in the IT infrastructure and that it outperforms a state-of-the-art method.

DOI: 10.23919/CNSM55787.2022.9964838
Citation Key: hammar_online_2022