| Summary: | Cybersecurity simulations can offer deep insights into the behavior of agents in the battle to secure computer systems. We build on existing work modeling the competition between an attacker and defender on a network architecture in a zero-sum game using a graph database linking cybersecurity attack patterns, vulnerabilities, and software. To support these simulations, we introduce a data-driven approach to generate enterprise network samples. We apply coevolution to this challenging environment, and, in a novel modeling approach for this problem, interpret each population as a distribution over fixed strategies to form a mixed strategy Nash equilibrium. We compare the results to solutions generated by multi-agent reinforcement learning and show that evolutionary methods demonstrate a greater degree of robustness to hyperparameter misspecification in this environment. Our results suggest that coevolution may prove to be a satisfactory benchmark for hyperparameter tuning of adversarially trained reinforcement learning agents in the absence of other metrics for solution optimality.
|
|---|