The Illusion of Optimal Defense: Static Interdiction Under Adaptive and Persistent Attackers
DOI:
https://doi.org/10.1609/aaaiss.v9i1.42948Abstract
As cyber threats evolve into sophisticated multi-stage campaigns, organizations increasingly rely on optimized yet static defense strategies to protect their networks. However, these static interdiction models often underestimate the capabilities of intelligent adversaries who learn and adapt to defensive barriers. This paper proposes an adaptive attacker model based on reinforcement learning to evaluate the robustness of static defense strategies derived from the Critical Node Problem (CNP). Unlike conventional simulations that assume predictable attack patterns, our agent leverages Q-learning to dynamically discover bypass trajectories while adhering to realistic operational constraints such as local persistence and entry commitment. We evaluate this adaptive agent against defense sets optimized via integer linear programming across various budget constraints. Experimental results demonstrate that the adaptive attacker agent consistently outperforms stochastic baselines by identifying efficient detour paths, revealing a significant security gap in static defense evaluations. Our findings underscore the need for dynamic defense mechanisms that account for the evolving intelligence of modern cyber threats.
Downloads
Published
2026-06-23
How to Cite
Shin, J., Zhai, S., Carley, L. R., & Carley, K. M. (2026). The Illusion of Optimal Defense: Static Interdiction Under Adaptive and Persistent Attackers. Proceedings of the AAAI Symposium Series, 9(1), 323–330. https://doi.org/10.1609/aaaiss.v9i1.42948
Issue
Section
Human-Aware AI Agents for the Cyber Battlefield: From Human Models to Autonomous Defense (Full Papers)
