{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,19]],"date-time":"2025-11-19T07:00:37Z","timestamp":1763535637431,"version":"3.40.3"},"publisher-location":"Cham","reference-count":77,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030307189"},{"type":"electronic","value":"9783030307196"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-30719-6_4","type":"book-chapter","created":{"date-parts":[[2019,8,31]],"date-time":"2019-08-31T02:27:36Z","timestamp":1567218456000},"page":"54-93","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Reinforcement Learning for Adaptive Cyber Defense Against Zero-Day Attacks"],"prefix":"10.1007","author":[{"given":"Zhisheng","family":"Hu","sequence":"first","affiliation":[]},{"given":"Ping","family":"Chen","sequence":"additional","affiliation":[]},{"given":"Minghui","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,8,31]]},"reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Shirey, R.: Internet Security Glossary, RFC 2828, RFC Editor, May 2000","DOI":"10.17487\/rfc2828"},{"key":"4_CR2","series-title":"IFIP International Federation for Information Processing","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1007\/978-0-387-72367-9_32","volume-title":"New Approaches for Security, Privacy and Trust in Complex Environments","author":"H Johansen","year":"2007","unstructured":"Johansen, H., Johansen, D., van Renesse, R.: FirePatch: secure and time-critical dissemination of software patches. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds.) SEC 2007. IIFIP, vol. 232, pp. 373\u2013384. Springer, Boston, MA (2007). \n                    https:\/\/doi.org\/10.1007\/978-0-387-72367-9_32"},{"key":"4_CR3","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., et al.: The matter of heartbleed. In: Proceedings of the 2014 Conference on Internet Measurement Conference (IMC 2014), Vancouver, BC, Canada, pp. 475\u2013488 (2014)","DOI":"10.1145\/2663716.2663755"},{"key":"4_CR4","unstructured":"CVE-2014-0160, Heartbleed bug (2014). \n                    https:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2014-0160"},{"key":"4_CR5","unstructured":"Symantec, Internet security threat report (2016). \n                    https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/reports\/istr-21-2016-en.pdf"},{"key":"4_CR6","unstructured":"Symantec, Internet security threat report (2015). \n                    https:\/\/know.elq.symantec.com\/LP=1542"},{"key":"4_CR7","doi-asserted-by":"crossref","unstructured":"Okhravi, H., et al.: Survey of cyber moving targets. Technical report, Massachusetts Institute of Technology Lexington Lincoln Lab (2013)","DOI":"10.21236\/ADA591804"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"O\u2019Donnell, A.J., Sethu, H.: On achieving software diversity for improved network security using distributed coloring algorithms. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, Washington DC, USA, pp. 121\u2013131 (2004)","DOI":"10.1145\/1030083.1030101"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Fraser, T., Petkac, M., Badger, L.: Security agility for dynamic execution environments. Technical report, DTIC Document (2002)","DOI":"10.21236\/ADA407300"},{"issue":"2","key":"4_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1813654.1813655","volume":"28","author":"Tom Roeder","year":"2010","unstructured":"Roeder, T., Schneider, F.B.: Proactive obfuscation. ACM Trans. Comput. Syst. 28(2) (2010)","journal-title":"ACM Transactions on Computer Systems"},{"key":"4_CR11","doi-asserted-by":"crossref","unstructured":"Larsen, P., Homescu, A., Brunthaler, S., Franz, M.: SoK: automated software diversity. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy (SP 2014), San Jose, CA, USA (2014)","DOI":"10.1109\/SP.2014.25"},{"key":"4_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"405","DOI":"10.1007\/978-3-319-11379-1_20","volume-title":"Research in Attacks, Intrusions and Defenses","author":"H Okhravi","year":"2014","unstructured":"Okhravi, H., Riordan, J., Carter, K.: Quantitative evaluation of dynamic platform techniques as a defensive mechanism. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 405\u2013425. Springer, Cham (2014). \n                    https:\/\/doi.org\/10.1007\/978-3-319-11379-1_20"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Bigelow, D., Hobson, T., Rudd, R., Streilein, W., Okhravi, H.: Timely rerandomization for mitigating memory disclosures. In: ACM SIGSAC Conference on Computer and Communications Security (CCS 205), Denver, Colorado, USA, pp. 268\u2013279 (2015)","DOI":"10.1145\/2810103.2813691"},{"key":"4_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11556992_1","volume-title":"Information Security","author":"S Sidiroglou","year":"2005","unstructured":"Sidiroglou, S., Giovanidis, G., Keromytis, A.D.: A dynamic mechanism for recovering from buffer overflow attacks. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 1\u201315. Springer, Heidelberg (2005). \n                    https:\/\/doi.org\/10.1007\/11556992_1"},{"key":"4_CR15","unstructured":"Giuffrida, C., Kuijsten, A., Tanenbaum, A.S.: Enhanced operating system security through efficient and fine-grained address space randomization. In: USENIX Conference on Security Symposium (Security 2012), Bellevue, WA, pp. 475\u2013490, August 2012"},{"key":"4_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/978-3-642-18178-8_16","volume-title":"Information Security","author":"Z Xin","year":"2011","unstructured":"Xin, Z., Chen, H., Han, H., Mao, B., Xie, L.: Misleading malware similarities analysis by automatic data structure obfuscation. In: Burmester, M., Tsudik, G., Magliveras, S., Ili\u0107, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 181\u2013195. Springer, Heidelberg (2011). \n                    https:\/\/doi.org\/10.1007\/978-3-642-18178-8_16"},{"key":"4_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-319-24174-6_4","volume-title":"Computer Security \u2013 ESORICS 2015","author":"P Chen","year":"2015","unstructured":"Chen, P., Xu, J., Lin, Z., Xu, D., Mao, B., Liu, P.: A practical approach for adaptive data structure layout randomization. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 69\u201389. Springer, Cham (2015). \n                    https:\/\/doi.org\/10.1007\/978-3-319-24174-6_4"},{"key":"4_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-13841-1_1","volume-title":"Information Systems Security","author":"G Cybenko","year":"2014","unstructured":"Cybenko, G., Jajodia, S., Wellman, M.P., Liu, P.: Adversarial and uncertain reasoning for adaptive cyber defense: building the scientific foundation. In: Prakash, A., Shyamasundar, R. (eds.) ICISS 2014. LNCS, vol. 8880, pp. 1\u20138. Springer, Cham (2014). \n                    https:\/\/doi.org\/10.1007\/978-3-319-13841-1_1"},{"key":"4_CR19","volume-title":"Neuro-Dynamic Programming","author":"D Bertsekas","year":"1996","unstructured":"Bertsekas, D., Tsitsiklis, J.: Neuro-Dynamic Programming. Athena Scientific, Belmont (1996)"},{"key":"4_CR20","volume-title":"Reinforcement Learning: An Introduction","author":"AG Barto","year":"1998","unstructured":"Barto, A.G.: Reinforcement Learning: An Introduction. MIT Press, Cambridge (1998)"},{"key":"4_CR21","unstructured":"mprotect(2) - Linux man page. \n                    http:\/\/linux.die.net\/man\/2\/mprotect"},{"key":"4_CR22","unstructured":"Silberman, P., Johnson, R.: A comparison of buffer overflow prevention implementations and weaknesses. IDEFENSE, August 2004"},{"key":"4_CR23","doi-asserted-by":"publisher","first-page":"286","DOI":"10.2307\/1969529","volume":"54","author":"J Nash","year":"1951","unstructured":"Nash, J.: Non-cooperative games. Ann. Math. 54, 286\u2013295 (1951)","journal-title":"Ann. Math."},{"key":"4_CR24","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-17197-0","volume-title":"Network Security: A Decision and Game-Theoretic Approach","author":"T Alpcan","year":"2010","unstructured":"Alpcan, T., Ba\u015far, T.: Network Security: A Decision and Game-Theoretic Approach. Cambridge University Press, Cambridge (2010)"},{"issue":"3","key":"4_CR25","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1145\/2480741.2480742","volume":"45","author":"M Manshaei","year":"2013","unstructured":"Manshaei, M., Zhu, Q., Alpcan, T., Basar, T., Hubaux, J.: Game theory meets network security and privacy. ACM Comput. Surv. 45(3), 25\u201339 (2013)","journal-title":"ACM Comput. Surv."},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., Wu, Q.: A survey of game theory as applied to network security, Hawaii, USA, pp. 1\u201310 (2010)","DOI":"10.1109\/HICSS.2010.35"},{"issue":"9","key":"4_CR27","doi-asserted-by":"publisher","first-page":"1227","DOI":"10.1109\/TPDS.2007.1000","volume":"18","author":"S Bohacek","year":"2007","unstructured":"Bohacek, S., Hespanha, J., Lee, J., Lim, C., Obraczka, K.: Game theoretic stochastic routing for fault tolerance and security in computer networks. IEEE Trans. Parallel Distrib. Syst. 18(9), 1227\u20131240 (2007)","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Zhu, Q., Clark, A., Poovendran, R., Ba\u015far, T.: Deceptive routing games. In: 2012 IEEE 51st IEEE Conference on Decision and Control (CDC), Maui, Hawaii, USA, pp. 2704\u20132711 (2012)","DOI":"10.1109\/CDC.2012.6426515"},{"key":"4_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-25594-1_1","volume-title":"Decision and Game Theory for Security","author":"A Clark","year":"2015","unstructured":"Clark, A., Sun, K., Bushnell, L., Poovendran, R.: A game-theoretic approach to IP address randomization in decoy-based cyber defense. In: Khouzani, M.H.R., Panaousis, E., Theodorakopoulos, G. (eds.) GameSec 2015. LNCS, vol. 9406, pp. 3\u201321. Springer, Cham (2015). \n                    https:\/\/doi.org\/10.1007\/978-3-319-25594-1_1"},{"key":"4_CR30","volume-title":"Dynamic Noncooperative Game Theory","author":"T Basar","year":"1999","unstructured":"Basar, T., Olsder, G.: Dynamic Noncooperative Game Theory. SIAM Classics in Applied Mathematics, Philadelphia (1999)"},{"key":"4_CR31","volume-title":"The Theory of Learning in Games","author":"D Fudenberg","year":"1998","unstructured":"Fudenberg, D., Levine, D.K.: The Theory of Learning in Games, vol. 2. MIT Press, Cambridge (1998)"},{"key":"4_CR32","volume-title":"Population Games and Evolutionary Dynamics","author":"WH Sandholm","year":"2010","unstructured":"Sandholm, W.H.: Population Games and Evolutionary Dynamics. MIT Press, Cambridge (2010)"},{"key":"4_CR33","volume-title":"Individual Strategy and Social Structure: An Evolutionary Theory of Institutions","author":"HP Young","year":"2001","unstructured":"Young, H.P.: Individual Strategy and Social Structure: An Evolutionary Theory of Institutions. Princeton University Press, Princeton (2001)"},{"key":"4_CR34","doi-asserted-by":"publisher","first-page":"265","DOI":"10.2307\/1907353","volume":"22","author":"K Arrow","year":"1954","unstructured":"Arrow, K., Debreu, G.: Existence of an equilibrium for a competitive economy. Econometrica 22, 265\u2013290 (1954)","journal-title":"Econometrica"},{"issue":"3","key":"4_CR35","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1007\/s10288-007-0054-4","volume":"5","author":"F Facchinei","year":"2007","unstructured":"Facchinei, F., Kanzow, C.: Generalized Nash equilibrium problems. 4OR 5(3), 173\u2013210 (2007)","journal-title":"4OR"},{"issue":"3","key":"4_CR36","doi-asserted-by":"publisher","first-page":"520","DOI":"10.2307\/1911749","volume":"33","author":"J Rosen","year":"1965","unstructured":"Rosen, J.: Existence and uniqueness of equilibrium points for concave N-person games. Econometrica 33(3), 520\u2013534 (1965)","journal-title":"Econometrica"},{"issue":"8","key":"4_CR37","doi-asserted-by":"publisher","first-page":"3471","DOI":"10.1109\/TIT.2008.926399","volume":"54","author":"J-S Pang","year":"2008","unstructured":"Pang, J.-S., Scutari, G., Facchinei, F., Wang, C.: Distributed power allocation with rate constraints in Gaussian parallel interference channels. IEEE Trans. Inf. Theory 54(8), 3471\u20133489 (2008)","journal-title":"IEEE Trans. Inf. Theory"},{"issue":"7","key":"4_CR38","doi-asserted-by":"publisher","first-page":"1702","DOI":"10.1109\/TAC.2011.2137590","volume":"56","author":"H Yin","year":"2011","unstructured":"Yin, H., Shanbhag, U., Mehta, P.: Nash equilibrium problems with scaled congestion costs and shared constraints. IEEE Trans. Autom. Control 56(7), 1702\u20131708 (2011)","journal-title":"IEEE Trans. Autom. Control"},{"key":"4_CR39","volume-title":"Convex Optimization in Signal Processing and Communications","author":"D Palomar","year":"2010","unstructured":"Palomar, D., Eldar, Y.: Convex Optimization in Signal Processing and Communications. Cambridge University Press, Cambridge (2010)"},{"issue":"1","key":"4_CR40","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1137\/100784163","volume":"51","author":"M Zhu","year":"2013","unstructured":"Zhu, M., Mart\u00ednez, S.: Distributed coverage games for energy-aware mobile sensor networks. SIAM J. Control Optim. 51(1), 1\u201327 (2013)","journal-title":"SIAM J. Control Optim."},{"key":"4_CR41","doi-asserted-by":"publisher","first-page":"594","DOI":"10.1109\/TAC.2012.2215413","volume":"58","author":"J Koshal","year":"2013","unstructured":"Koshal, J., Nedi\u0107, A., Shanbhag, U.V.: Regularized iterative stochastic approximation methods for stochastic variational inequality problems. IEEE Trans. Autom. Control 58, 594\u2013609 (2013)","journal-title":"IEEE Trans. Autom. Control"},{"key":"4_CR42","doi-asserted-by":"crossref","unstructured":"Yousefian, F., Nedi\u0107, A., Shanbhag, U.V.: A distributed adaptive steplength stochastic approximation method for monotone stochastic Nash games. In: 2013 American Control Conference, pp. 4765\u20134770, June 2013","DOI":"10.1109\/ACC.2013.6580575"},{"key":"4_CR43","first-page":"57","volume":"61","author":"HP Young","year":"1993","unstructured":"Young, H.P.: The evolution of conventions. Econ.: J. Econom. Soc. 61, 57\u201384 (1993)","journal-title":"Econ.: J. Econom. Soc."},{"issue":"6","key":"4_CR44","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.automatica.2019.02.032","volume":"104","author":"Z Hu","year":"2019","unstructured":"Hu, Z., Zhu, M., Chen, P., Liu, P.: On convergence rates of game theoretic reinforcement learning algorithms. Automatica 104(6), 90\u2013101 (2019)","journal-title":"Automatica"},{"issue":"1","key":"4_CR45","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1016\/j.ijcip.2012.01.002","volume":"5","author":"H Okhravi","year":"2012","unstructured":"Okhravi, H., Comella, A., Robinson, E., Haines, J.: Creating a cyber moving target for critical infrastructure applications using platform diversity. Int. J. Crit. Infrastruct. Prot. 5(1), 30\u201339 (2012)","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"issue":"22","key":"4_CR46","first-page":"1","volume":"3","author":"S Takahashi","year":"2002","unstructured":"Takahashi, S., Yamamori, T.: The pure Nash equilibrium property and the quasi-acyclic condition. Econ. Bull. 3(22), 1\u20136 (2002)","journal-title":"Econ. Bull."},{"issue":"1","key":"4_CR47","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1016\/0196-8858(85)90002-8","volume":"6","author":"TL Lai","year":"1985","unstructured":"Lai, T.L., Robbins, H.: Asymptotically efficient adaptive allocation rules. Adv. Appl. Math. 6(1), 4\u201322 (1985)","journal-title":"Adv. Appl. Math."},{"issue":"2\u20133","key":"4_CR48","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1023\/A:1013689704352","volume":"47","author":"P Auer","year":"2002","unstructured":"Auer, P., Cesa-Bianchi, N., Fischer, P.: Finite-time analysis of the multiarmed bandit problem. Mach. Learn. 47(2\u20133), 235\u2013256 (2002)","journal-title":"Mach. Learn."},{"key":"4_CR49","unstructured":"Zurschmeide, J.B.: IRIX Advanced Site and Server Administration Guide. Silicon Graphics (1994)"},{"key":"4_CR50","unstructured":"Kuleshov, V., Precup, D.: Algorithms for multi-armed bandit problems. CoRR, abs\/1402.6028 (2014)"},{"key":"4_CR51","unstructured":"SPEC CPU benchmark suite (2000). \n                    http:\/\/www.spec.org\/cpu2000\/"},{"key":"4_CR52","unstructured":"R. LLC, World\u2019s most used penetration testing software (2016). \n                    http:\/\/www.metasploit.com\/"},{"key":"4_CR53","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1214\/aoms\/1177729694","volume":"22","author":"S Kullback","year":"1951","unstructured":"Kullback, S., Leibler, R.A.: On information and sufficiency. Ann. Math. Stat. 22, 79\u201386 (1951)","journal-title":"Ann. Math. Stat."},{"key":"4_CR54","unstructured":"CVE-2002-0656, Apache openSSL heap overflow exploit (2002). \n                    http:\/\/www.phreedom.org\/research\/exploits\/apache-openssl\/"},{"key":"4_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-642-02918-9_7","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Z Lin","year":"2009","unstructured":"Lin, Z., Riley, R.D., Xu, D.: Polymorphing software by randomizing data structure layout. In: Flegel, U., Bruschi, D. (eds.) DIMVA 2009. LNCS, vol. 5587, pp. 107\u2013126. Springer, Heidelberg (2009). \n                    https:\/\/doi.org\/10.1007\/978-3-642-02918-9_7"},{"key":"4_CR56","unstructured":"Crispin, C., et al.: Stackguard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th Conference on USENIX Security Symposium (SSYM 1998), San Antonio, Texas, pp. 63\u201378, January 1998"},{"key":"4_CR57","unstructured":"CVE-2001-0144, SSH CRC-32 compensation attack detector (2001). \n                    http:\/\/www.securityfocus.com\/bid\/2347\/discuss"},{"key":"4_CR58","unstructured":"CVE-2015-0235, Ghost: glibc gethostbyname buffer overflow (2015). \n                    https:\/\/www.qualys.com\/2015\/01\/27\/cve-2015-0235\/GHOST-CVE-2015-0235.txt"},{"key":"4_CR59","unstructured":"CVE-1999-0071, Apache-cookie bug (1999). \n                    http:\/\/seclab.cs.ucdavis.edu\/projects\/testing\/vulner\/39.html"},{"key":"4_CR60","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1186\/s42400-018-0003-x","volume":"1","author":"P Chen","year":"2018","unstructured":"Chen, P., Hu, Z., Xu, J., Zhu, M., Liu, P.: Feedback control can make data structure layout randomization more cost-effective under zero-day attacks. Cybersecurity 1, 3 (2018)","journal-title":"Cybersecurity"},{"issue":"1","key":"4_CR61","doi-asserted-by":"publisher","first-page":"174","DOI":"10.1016\/0022-247X(65)90154-X","volume":"10","author":"KJ \u00c2str\u00f6m","year":"1965","unstructured":"\u00c2str\u00f6m, K.J.: Optimal control of Markov processes with incomplete state information. J. Math. Anal. Appl. 10(1), 174\u2013205 (1965)","journal-title":"J. Math. Anal. Appl."},{"key":"4_CR62","doi-asserted-by":"crossref","unstructured":"Miehling, E., Rasouli, M., Teneketzis, D.: Optimal defense policies for partially observable spreading processes on Bayesian attack graphs. In: Proceedings of the Second ACM Workshop on Moving Target Defense, MTD 2015, Denver, Colorado, USA, pp. 67\u201376. ACM (2015)","DOI":"10.1145\/2808475.2808482"},{"key":"4_CR63","doi-asserted-by":"crossref","unstructured":"Liu, Y., Man, H.: Network vulnerability assessment using Bayesian networks. In: Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, pp. 61\u201371 (2005)","DOI":"10.1117\/12.604240"},{"key":"4_CR64","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1109\/TDSC.2011.34","volume":"9","author":"N Poolsappasit","year":"2012","unstructured":"Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using Bayesian attack graphs. IEEE Trans. Dependable Secur. Comput. 9, 61\u201374 (2012)","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"4_CR65","doi-asserted-by":"crossref","unstructured":"Nguyen, T.H., Wright, M., Wellman, M.P., Baveja, S.: Multi-stage attack graph security games: heuristic strategies, with empirical game-theoretic analysis. In: Proceedings of the 2017 Workshop on Moving Target Defense, MTD 2017, Dallas, Texas, USA, pp. 87\u201397. ACM (2017)","DOI":"10.1145\/3140549.3140562"},{"key":"4_CR66","unstructured":"Schiffman, M.: Common vulnerability scoring system (CVSS) (2017). \n                    http:\/\/www.first.org\/cvss"},{"key":"4_CR67","doi-asserted-by":"crossref","unstructured":"Hu, Z., Zhu, M., Liu, P.: Online algorithms for adaptive cyber defense on Bayesian attack graphs. In: Fourth ACM Workshop on Moving Target Defense in Association with 2017 ACM Conference on Computer and Communications Security, Dallas, pp. 99\u2013109, October 2017","DOI":"10.1145\/3140549.3140556"},{"key":"4_CR68","unstructured":"Zambon, E., Bolzoni, D.: Network intrusion detection systems: false positive reduction through anomaly detection (2006). \n                    http:\/\/www.blackhat.com\/presentations\/bh-usa-06\/BH-US-06-Zambon.pdf"},{"issue":"2","key":"4_CR69","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1287\/opre.26.2.282","volume":"26","author":"EJ Sondik","year":"1978","unstructured":"Sondik, E.J.: The optimal control of partially observable Markov processes over the infinite horizon: discounted costs. Oper. Res. 26(2), 282\u2013304 (1978)","journal-title":"Oper. Res."},{"key":"4_CR70","volume-title":"Dynamic Programming","author":"RE Bellman","year":"2003","unstructured":"Bellman, R.E.: Dynamic Programming. Dover Publications, Mineola (2003)"},{"key":"4_CR71","doi-asserted-by":"publisher","DOI":"10.1515\/9781400874651","volume-title":"Applied Dynamic Programming","author":"RE Bellman","year":"1962","unstructured":"Bellman, R.E., Dreyfus, S.E.: Applied Dynamic Programming. Princeton University Press, Princeton (1962)"},{"key":"4_CR72","first-page":"279","volume":"8","author":"CJCH Watkins","year":"1992","unstructured":"Watkins, C.J.C.H., Dayan, P.: Q-learning. Mach. Learn. 8, 279\u2013292 (1992)","journal-title":"Mach. Learn."},{"key":"4_CR73","first-page":"639","volume":"6","author":"M Hutter","year":"2005","unstructured":"Hutter, M., Poland, J.: Adaptive online prediction by following the perturbed leader. J. Mach. Learn. Res. 6, 639\u2013660 (2005)","journal-title":"J. Mach. Learn. Res."},{"key":"4_CR74","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1016\/j.jcss.2004.10.016","volume":"71","author":"A Kalai","year":"2005","unstructured":"Kalai, A., Vempala, S.: Efficient algorithms for online decision problems. J. Comput. Syst. Sci. 71, 291\u2013307 (2005)","journal-title":"J. Comput. Syst. Sci."},{"key":"4_CR75","doi-asserted-by":"publisher","DOI":"10.4135\/9781412983617","volume-title":"Central Tendency and Variability","author":"Herbert Weisberg","year":"1992","unstructured":"Weisberg, H.: Central tendency and variability. No. 83, Sage University Paper Series on Quantitative Applications in the Social Sciences (1992)"},{"key":"4_CR76","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10458-012-9200-2","volume":"27","author":"G Shani","year":"2013","unstructured":"Shani, G., Pineau, J., Kaplow, R.: A survey of point-based POMDP solvers. Auton. Agent. Multi-Agent Syst. 27, 1\u201351 (2013)","journal-title":"Auton. Agent. Multi-Agent Syst."},{"key":"4_CR77","unstructured":"Schiffman, M.: Common vulnerability scoring system v3.0: specification document (2017). \n                    https:\/\/www.first.org\/cvss\/cvss-v30-specification-v1.7.pdf"}],"container-title":["Lecture Notes in Computer Science","Adversarial and Uncertain Reasoning for Adaptive Cyber Defense"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-30719-6_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,31]],"date-time":"2019-08-31T05:34:14Z","timestamp":1567229654000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-30719-6_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030307189","9783030307196"],"references-count":77,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-30719-6_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"31 August 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}