Application of deep reinforcement learning algorithms for automatic threat detection and response in dynamic network environments to improve cybersecurity

Abstract

In the present environment, as cybersecurity attacks become more sophisticated and frequent, classic protection techniques, such as rule-based firewalls and signature-based detection systems, are no longer effective. Modern cyberattacks require innovative solutions that can change and react in real time. Deep reinforcement learning (DRL) is a subfield of artificial intelligence that efficiently solves complicated decision-making issues in numerous domains, such as cybersecurity. This research aims to improve cybersecurity by establishing deep reinforcement learning algorithms for automated threat detection and response in dynamic network environments. To address these problems, this study proposed a novel Improved Mayfly Optimized Deep Deterministic Policy Gradient (IMO-DDPG) to automate threat detection and improve cybersecurity response in dynamic network environments. Collect real-time network intrusion datasets accessible to the public to train the DRL model. The data was preprocessed using normalization, for feature extraction Principal Component Analysis (PCA). To improve performance in an increasingly developing environment, the study customizes DRL algorithms with an emphasis on continuous action spaces, adversarial training, and customized reward structures. The results indicate that the IMO-DDPG method outperforms accuracy (94.5%), recall (94.0%), precision (92.5%), and F1-score (93.5%) to compare existing algorithms. The remarkable success rate, highest average reward, and superior efficiency in interpretation significantly improve threat detection and response capabilities. The results show the suggested algorithms for automated detection and response, highlighting the right decision, can significantly enhance cybersecurity defences.

Keywords

automatic threat detection cybersecurity dynamic network environments improved Mayfly Optimized Deep Deterministic Policy Gradient

Get full access to this article

View all access options for this article.

References

Chen

Cam

. Quantifying cybersecurity effectiveness of dynamic network diversity. IEEE Trans Dependable Secure Comput 2021; 19(6): 3804–3821.

Capuano

Fenza

Loia

, et al. Explainable artificial intelligence in cybersecurity: A survey. IEEE Access 2022; 10: 93575–93600.

Sewak

Sahay

Rathore

. Deep reinforcement learning in the advanced cybersecurity threat detection and protection. Inf Syst Front 2023; 25(2): 589–611.

Keyes

McLaughlin

Barner

, et al. An ecological network approach to predict ecosystem service vulnerability to species losses. Nat Commun 2021; 12(1): 1586.

Shahin

Maghanaki

Hosseinzadeh

, et al. Advancing network security in industrial IoT: A deep dive into AI-enabled intrusion detection systems. Adv Eng Inf 2024; 62: 102685.

Ruan

Zhou

, et al. A unified cognitive learning framework for adapting to dynamic environments and tasks. IEEE Wireless Commun 2021; 28(6): 208–216.

Bécue

Praça

Gama

. Artificial intelligence, cyber-threats and Industry 4.0: Challenges and opportunities. Artif Intell Rev 2021; 54(5): 3849–3886.

Trim

Lee

. Combining sociocultural intelligence with Artificial Intelligence to increase organizational cyber security provision through enhanced resilience. Big Data Cogn Comput 2022; 6(4): 110.

Melaku

. Context-based and adaptive cybersecurity risk management framework. Risks 2023; 11(6): 101.

10.

Kaur

Gabrijelčič

Klobučar

. Artificial intelligence for cybersecurity: Literature review and future research directions. Inf Fusion 2023; 97: 101804.

11.

Shah

. Machine learning algorithms for cybersecurity: Detecting and preventing threats. Rev Española Doc Científica 2021; 15(4): 42–66.

12.

Naseer

Ahmad

, et al. Real-time analytics, incident response process agility and enterprise cybersecurity performance: A contingent resource-based analysis. Int J Inf Manag 2021; 59: 102334.

13.

Yungaicela-Naula

Vargas-Rosales

Pérez-Díaz

, et al. Towards security automation in software defined networks. Comput Commun 2022; 183: 64–82.

14.

Nikoloudakis

Kefaloukos

Klados

, et al. Towards a machine learning based situational awareness framework for cybersecurity: an SDN implementation. Sensors 2021; 21(14): 4939.

15.

Gudala

Shaik

Venkataramanan

. Leveraging machine learning for enhanced threat detection and response in zero trust security frameworks: An Exploration of Real-Time Anomaly Identification and Adaptive Mitigation Strategies. J Artif Intell Res 2021; 1(2): 19–45.

16.

Repetto

Striccoli

Piro

, et al. An autonomous cybersecurity framework for next-generation digital service chains. J Netw Syst Manage 2021; 29(4): 37.

17.

Mironeanu

Archip

Amarandei

, et al. Experimental cyber attack detection framework. Electronics 2021; 10(14): 1682.

18.

Guo

. Real-time risk detection method and protection strategy for intelligent ship network security based on cloud computing. Symmetry 2023; 15(5): 988.

19.

Bringhenti

Marchetto

Sisto

, et al. Automation for network security configuration: state of the art and research trends. ACM Comput Surv 2023; 56(3): 1–37.

20.

Rose

Swann

Grammatikakis

, et al. IDERES: intrusion detection and response system using machine learning and attack graphs. J Syst Architect 2022; 131: 102722.

21.

Kandhro

Alanazi

Ali

, et al. Detection of real-time malicious intrusions and attacks in IoT empowered cybersecurity infrastructures. IEEE Access 2023; 11: 9136–9148.

22.

Apruzzese

Laskov

Montes de Oca

, et al. The role of machine learning in cybersecurity. Digital Threats 2023; 4(1): 1–38.

23.

Gong

Lee

. Cyber threat intelligence framework for incident response in an energy cloud platform. Electronics 2021; 10(3): 239.

24.

Furdek

Natalino

Di Giglio

, et al. Optical network security management: requirements, architecture, and efficient machine learning models for detection of evolving threats. J Opt Commun Netw 2021; 13(2): A144–A155.

25.

Nespoli

Díaz-López

Mármol

. Cyberprotection in IoT environments: A dynamic rule-based solution to defend smart devices. J Inf Secur Appl 2021; 60: 102878.

26.

Al-Rubaye

Türkben

. Using artificial intelligence to evaluating detection of cybersecurity threats in ad hoc networks. BJN 2024; 2024: 45–56.

27.

Khanza

Yulian

Khairunnisa

, et al. Evaluating the effectiveness of machine learning in cyber threat detection. Corisinta 2024; 1(2): 172–179.