{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T22:54:37Z","timestamp":1777589677073,"version":"3.51.4"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031708787","type":"print"},{"value":"9783031708794","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70879-4_17","type":"book-chapter","created":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T19:02:20Z","timestamp":1725476540000},"page":"332-352","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Optimizing Cyber Defense in\u00a0Dynamic Active Directories Through Reinforcement Learning"],"prefix":"10.1007","author":[{"given":"Diksha","family":"Goel","sequence":"first","affiliation":[]},{"given":"Kristen","family":"Moore","sequence":"additional","affiliation":[]},{"given":"Mingyu","family":"Guo","sequence":"additional","affiliation":[]},{"given":"Derui","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Minjune","family":"Kim","sequence":"additional","affiliation":[]},{"given":"Seyit","family":"Camtepe","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,9,5]]},"reference":[{"key":"17_CR1","unstructured":"CAGE Challenge 1. arXiv (2021)"},{"key":"17_CR2","unstructured":"Cyber operations research gym. In: Standen, M., et al. (eds.) (2022). https:\/\/github.com\/cage-challenge\/CybORG"},{"key":"17_CR3","unstructured":"TTCP CAGE Challenge 2 (2022)"},{"issue":"9","key":"17_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3558001","volume":"55","author":"H Ahmad","year":"2023","unstructured":"Ahmad, H., Dharmadasa, I., Ullah, F., Babar, M.A.: A review on c3i systems\u2019 security: vulnerabilities, attacks, and countermeasures. ACM Comput. Surv. 55(9), 1\u201338 (2023)","journal-title":"ACM Comput. Surv."},{"key":"17_CR5","doi-asserted-by":"crossref","unstructured":"Applebaum, A., et\u00a0al.: Bridging automated to autonomous cyber defense: Foundational analysis of tabular q-learning. In: Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security, pp. 149\u2013159 (2022)","DOI":"10.1145\/3560830.3563732"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Bates, E., Mavroudis, V., Hicks, C.: Reward shaping for happier autonomous cyber security agents. In: Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security, pp. 221\u2013232 (2023)","DOI":"10.1145\/3605764.3623916"},{"key":"17_CR7","unstructured":"Brockman, G., et al.: Openai gym. arXiv preprint arXiv:1606.01540 (2016)"},{"issue":"3","key":"17_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3561974","volume":"2","author":"A Do","year":"2022","unstructured":"Do, A., Guo, M., Neumann, A., Neumann, F.: Analysis of evolutionary diversity optimization for permutation problems. ACM Trans. Evol. Learn. 2(3), 1\u201327 (2022)","journal-title":"ACM Trans. Evol. Learn."},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Dunagan, J., Zheng, A.X., Simon, D.R.: Heat-ray: combating identity snowball attacks using machinelearning, combinatorial optimization and attack graphs. In: Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles, pp. 305\u2013320 (2009)","DOI":"10.1145\/1629575.1629605"},{"key":"17_CR10","doi-asserted-by":"crossref","unstructured":"Foley, M., Hicks, C., Highnam, K., Mavroudis, V.: Autonomous network defence using reinforcement learning. In: Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security, pp. 1252\u20131254 (2022)","DOI":"10.1145\/3488932.3527286"},{"key":"17_CR11","doi-asserted-by":"crossref","unstructured":"Goel, D., Neumann, A., Neumann, F., Nguyen, H., Guo, M.: Evolving reinforcement learning environment to minimize learner\u2019s achievable reward: An application on hardening active directory systems. In: Proceedings of the Genetic and Evolutionary Computation Conference, GECCO 2023, pp. 1348\u20131356 (2023)","DOI":"10.1145\/3583131.3590436"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Goel, D., Ward-Graham, M.H., Neumann, A., Neumann, F., Nguyen, H., Guo, M.: Defending active directory by combining neural network based dynamic program and evolutionary diversity optimisation. In: Proceedings of the Genetic and Evolutionary Computation Conference, GECCO 2022, pp. 1191-1199 (2022)","DOI":"10.1145\/3512290.3528729"},{"key":"17_CR13","unstructured":"Group, T.C.W.: TTCP cage challenge 3. https:\/\/github.com\/cage-challenge\/cage-challenge-3 (2022)"},{"key":"17_CR14","unstructured":"Group, T.C.W.: Ttcp cage challenge 4. https:\/\/github.com\/cage-challenge\/cage-challenge-4 (2023)"},{"key":"17_CR15","doi-asserted-by":"crossref","unstructured":"Guo, M., Li, J., Neumann, A., Neumann, F., Nguyen, H.: Practical fixed-parameter algorithms for defending active directory style attack graphs. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol.\u00a036, pp. 9360\u20139367 (2022)","DOI":"10.1609\/aaai.v36i9.21167"},{"key":"17_CR16","doi-asserted-by":"crossref","unstructured":"Guo, M., Li, J., Neumann, A., Neumann, F., Nguyen, H.: Limited query graph connectivity test. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol.\u00a038, pp. 20718\u201320725 (2024)","DOI":"10.1609\/aaai.v38i18.30059"},{"key":"17_CR17","doi-asserted-by":"crossref","unstructured":"Guo, M., Ward, M., Neumann, A., Neumann, F., Nguyen, H.: Scalable edge blocking algorithms for defending active directory style attack graphs. In: Proceedings of the AAAI Conference on Artificial Intelligence, (2023) (2023)","DOI":"10.1609\/aaai.v37i5.25701"},{"key":"17_CR18","unstructured":"Hebrard, E., Hnich, B., O\u2019Sullivan, B., Walsh, T.: Finding diverse and similar solutions in constraint programming. In: AAAI, vol.\u00a05, pp. 372\u2013377 (2005)"},{"key":"17_CR19","doi-asserted-by":"crossref","unstructured":"Heckel, K.: Neuroevolution for autonomous cyber defense. In: Proceedings of Companion Conference on Genetic and Evolutionary Computation, pp. 651\u2013654 (2023)","DOI":"10.1145\/3583133.3590596"},{"key":"17_CR20","doi-asserted-by":"crossref","unstructured":"Hicks, C., Mavroudis, V., Foley, M., Davies, T., Highnam, K., Watson, T.: Canaries and whistles: Resilient drone communication networks with (or without) deep reinforcement learning. In: Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security, pp. 91\u2013101 (2023)","DOI":"10.1145\/3605764.3623986"},{"key":"17_CR21","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1016\/j.ins.2022.11.019","volume":"619","author":"C Huang","year":"2023","unstructured":"Huang, C., Zhou, X., Ran, X., Liu, Y., Deng, W., Deng, W.: Co-evolutionary competitive swarm optimizer with three-phase for large-scale complex optimization problem. Inf. Sci. 619, 2\u201318 (2023)","journal-title":"Inf. Sci."},{"key":"17_CR22","unstructured":"Microsoft: Microsoft digital defense report (2023). https:\/\/www.microsoft.com\/en\/security\/security-insider\/microsoft-digital-defense-report-2023\/"},{"key":"17_CR23","unstructured":"Molina-Markham, A., Winder, R.K., Ridley, A.: Network defense is not a game. arXiv preprint arXiv:2104.10262 (2021)"},{"key":"17_CR24","doi-asserted-by":"publisher","first-page":"118","DOI":"10.1016\/j.cor.2016.05.005","volume":"75","author":"AK Nandi","year":"2016","unstructured":"Nandi, A.K., Medal, H.R., Vadlamani, S.: Interdicting attack graphs to protect organizations from cyber attacks: A bi-level defender-attacker model. Comput. Oper. Res. 75, 118\u2013131 (2016)","journal-title":"Comput. Oper. Res."},{"key":"17_CR25","doi-asserted-by":"crossref","unstructured":"Neumann, A., Antipov, D., Neumann, F.: Coevolutionary pareto diversity optimization. In: Proceedings of the Genetic and Evolutionary Computation Conference, pp. 832\u2013839 (2022)","DOI":"10.1145\/3512290.3528755"},{"key":"17_CR26","doi-asserted-by":"crossref","unstructured":"Neumann, A., Xie, Y., Neumann, F.: Evolutionary algorithms for limiting the effect of uncertainty for the knapsack problem with stochastic profits. In: International Conference on Parallel Problem Solving from Nature (2022)","DOI":"10.1007\/978-3-031-14714-2_21"},{"key":"17_CR27","doi-asserted-by":"crossref","unstructured":"Ngo, H.Q., Guo, M., Nguyen, H.: Optimizing cyber response time on temporal active directory networks using decoys. arXiv preprint arXiv:2403.18162 (2024)","DOI":"10.1145\/3638529.3654035"},{"key":"17_CR28","unstructured":"Ngo, Q.H., Guo, M., Nguyen, H.: Near optimal strategies for honeypots placement in dynamic and large active directory networks. In: The 22nd International Conference on Autonomous Agents and Multiagent Systems (2023). extended Abstract"},{"issue":"8","key":"17_CR29","doi-asserted-by":"publisher","first-page":"3779","DOI":"10.1109\/TNNLS.2021.3121870","volume":"34","author":"TT Nguyen","year":"2021","unstructured":"Nguyen, T.T., Reddi, V.J.: Deep reinforcement learning for cyber security. IEEE Trans. Neural Netw. Learn. Syst. 34(8), 3779\u20133795 (2021)","journal-title":"IEEE Trans. Neural Netw. Learn. Syst."},{"key":"17_CR30","doi-asserted-by":"crossref","unstructured":"Nikfarjam, A., Rothenberger, R., Neumann, F., Friedrich, T.: Evolutionary diversity optimisation in constructing satisfying assignments. In: Proceedings of the Genetic and Evolutionary Computation Conference, pp. 938\u2013945 (2023)","DOI":"10.1145\/3583131.3590517"},{"key":"17_CR31","unstructured":"Pr\u00e9bot, B., Du, Y., Xi, X., Gonzalez, C.: Cognitive models of dynamic decision in autonomous intelligent cyber defense. In: International Conference on Autonomous Intelligent Cyber-defense Agents, Bordeaux, France (2022)"},{"key":"17_CR32","unstructured":"Schulman, J., Wolski, F., Dhariwal, P., Radford, A., Klimov, O.: Proximal policy optimization algorithms. arXiv preprint arXiv:1707.06347 (2017)"},{"key":"17_CR33","unstructured":"Team, M.D.R.: Cyberbattlesim. In: Seifert, C., et al. (eds.) (2021). https:\/\/github.com\/microsoft\/cyberbattlesim"},{"key":"17_CR34","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Ward, M., Guo, M., Nguyen, H.: A scalable double oracle algorithm for hardening large active directory systems. In: The 18th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS), Melbourne, Australia, vol. 2023 (2023)","DOI":"10.1145\/3579856.3590343"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70879-4_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T19:06:18Z","timestamp":1725476778000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70879-4_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031708787","9783031708794"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70879-4_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"5 September 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bydgoszcz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2024.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}