With computing now ubiquitous across government, industry, and education, cybersecurity has become a critical component for every organization on the planet. Due to this ubiquity of computing, cyber threats have continued to grow year over year, leading to labor shortages and a skills gap in cybersecurity. As a result, many cybersecurity product vendors and security organizations have looked to artificial intelligence to shore up their defenses. This work considers how to characterize attackers and defenders in one approach to the automation of cyber defense -- the application of reinforcement learning. Specifically, we characterize the types of attackers and defenders in the sense of Bayesian games and, using reinforcement learning, derive empirical findings about how to best train agents that defend against multiple types of attackers.

翻译：随着计算技术如今在政府、工业和教育领域的普遍应用，网络安全已成为全球每个组织至关重要的组成部分。由于计算的这种普遍性，网络威胁逐年持续增长，导致网络安全领域劳动力短缺和技能差距。因此，许多网络安全产品供应商和安全组织已转向人工智能以加强其防御能力。本研究探讨了在一种网络防御自动化方法——强化学习的应用中——如何刻画攻击者与防御者的特征。具体而言，我们从贝叶斯博弈的角度刻画攻击者与防御者的类型，并利用强化学习得出关于如何最优训练能够防御多种类型攻击者的智能体的实证结论。