The security of cloud environments, such as Amazon Web Services (AWS), is complex and dynamic. Static security policies have become inadequate as threats evolve and cloud resources exhibit elasticity [1]. This paper addresses the limitations of static policies by proposing a security policy management framework that uses reinforcement learning (RL) to adapt dynamically. Specifically, we employ deep reinforcement learning algorithms, including deep Q Networks and proximal policy optimization, enabling the learning and continuous adjustment of controls such as firewall rules and Identity and Access Management (IAM) policies. The proposed RL based solution leverages cloud telemetry data (AWS Cloud Trail logs, network traffic data, threat intelligence feeds) to continuously refine security policies, maximizing threat mitigation, and compliance while minimizing resource impact. Experimental results demonstrate that our adaptive RL based framework significantly outperforms static policies, achieving higher intrusion detection rates (92% compared to 82% for static policies) and substantially reducing incident detection and response times by 58%. In addition, it maintains high conformity with security requirements and efficient resource usage. These findings validate the effectiveness of adaptive reinforcement learning approaches in improving cloud security policy management.

翻译：亚马逊网络服务（AWS）等云环境的安全具有复杂性和动态性。随着威胁态势的演变以及云资源呈现弹性特征，静态安全策略已显不足[1]。本文针对静态策略的局限性，提出一种利用强化学习实现动态自适应的安全策略管理框架。具体而言，我们采用深度强化学习算法，包括深度Q网络和近端策略优化，以实现对防火墙规则、身份与访问管理等控制措施的持续学习与调整。所提出的基于强化学习的解决方案利用云遥测数据（AWS CloudTrail日志、网络流量数据、威胁情报源）持续优化安全策略，在最大化威胁缓解与合规性的同时，最小化对资源的影响。实验结果表明，我们基于强化学习的自适应框架显著优于静态策略，实现了更高的入侵检测率（92%，静态策略为82%），并将事件检测与响应时间大幅缩短了58%。此外，该框架在保持高安全合规性的同时，实现了高效的资源利用。这些发现验证了自适应强化学习方法在改进云安全策略管理方面的有效性。