Digital twins for security automation
We present a novel emulation system for creating high-fidelity digital twins of IT
infrastructures. The digital twins replicate key functionality of the corresponding …
infrastructures. The digital twins replicate key functionality of the corresponding …
Learning near-optimal intrusion responses against dynamic attackers
We study automated intrusion response and formulate the interaction between an attacker
and a defender as an optimal stop** game where attack and defense strategies evolve …
and a defender as an optimal stop** game where attack and defense strategies evolve …
Learning security strategies through game play and optimal stop**
We study automated intrusion prevention using reinforcement learning. Following a novel
approach, we formulate the interaction between an attacker and a defender as an optimal …
approach, we formulate the interaction between an attacker and a defender as an optimal …
Scalable learning of intrusion response through recursive decomposition
We study automated intrusion response for an IT infrastructure and formulate the interaction
between an attacker and a defender as a partially observed stochastic game. To solve the …
between an attacker and a defender as a partially observed stochastic game. To solve the …
An online framework for adapting security policies in dynamic it environments
We present an online framework for learning and updating security policies in dynamic IT
environments. It includes three components: a digital twin of the target system, which …
environments. It includes three components: a digital twin of the target system, which …
Optimal Security Response to Network Intrusions in IT Systems
K Hammar - arxiv preprint arxiv:2502.02541, 2025 - arxiv.org
Cybersecurity is one of the most pressing technological challenges of our time and requires
measures from all sectors of society. A key measure is automated security response, which …
measures from all sectors of society. A key measure is automated security response, which …