SENTIENCE — Simulation-based reinforcement-learning security operations center
Industrial IT systems that support critical societal functions are high-value
targets for advanced cyber adversaries. These systems support vital systems for
energy production, water distribution and more. To prevent data leakage or sabotage, early detection of hacking attempts is important. Due to the size and complexity of the systems in question, an automated approach for intrusion detection is desired.
Reinforcement learning is a field of machine learning focused on creating decision-making models. To efficiently perform reinforcement learning, it is sometimes necessary to construct a simulated environment that the model can learn in.
This project aims to use reinforcement learning to develop an automated and semi-autonomous security operations system. We plan to simulate parts of industrial IT-systems and utilize modern methods of reinforcement learning to automatically find strategies for intrusion detection and security operations.