AI-Powered Cyber Defense: Leveraging Transformer Models and eXplainable Reinforcement Learning Methods for Advanced Intrusion Detection and Response System
Researchers from Old Dominion University, Virginia Commonwealth University, Christopher Newport University
Researchers will introduce a method that integrates a transformer encoder, a decision transformer, and eXplainable Reinforcement Learning (XRL) methods to build an AI-powered Intrusion Detection and Response System (IDRS).
Funded by the CCI Hub
Project Investigators
- Principal Investigator (PI): Mohammad GhasemiGol, Old Dominion University School of Cybersecurity.
- Co-PI: Daniel Takabi, Old Dominion University School of Cybersecurity.
- Co-PI: Yuichi Motai, Virginia Commonwealth University Department of Electrical and Computer Engineering.
- Co-PI: Simegnew Yihunie Alaba, Virginia Commonwealth University Department of Electrical and Computer Engineering.
- Co-PI: Michael S. Lapke, Christopher Newport University School of Engineering and Computing.
Rationale
Advanced IDRS are essential for defending networks. However, the overwhelming volume of alerts generated by an intrusion detection system (IDS) makes manual response impractical.
Additionally, effectiveness is often undermined by difficulties in accurately estimating response costs, assessing the network situation, and providing clear explanations for chosen responses.
Projected Outcomes
Researchers will:
- Develop a preprocessing module to normalize network traffic.
- Design a cutting-edge IDS utilizing transformer architecture for better handling of complex and multi-stage attacks.
- Develop an automated intrusion response system based on a decision transformer to optimize responses dynamically, based on real-time analysis.
- Leverage XRL methods to enhance transparency and interpretability of intrusion responses.