Tomáš Kroupa

Arti Bandhana, Ondřej Lukáš, Sebastian Garcia et al.

The ongoing rise in cyberattacks and the lack of skilled professionals in the cybersecurity domain to combat these attacks show the need for automated tools capable of detecting an attack with good performance. Attackers disguise their actions and launch attacks that consist of multiple actions, which are difficult to detect. Therefore, improving defensive tools requires their calibration against a well-trained attacker. In this work, we propose a model of an attacking agent and environment and evaluate its performance using basic Q-Learning, Naive Q-learning, and DoubleQ-Learning, all of which are variants of Q-Learning. The attacking agent is trained with the goal of exfiltrating data whereby all the hosts in the network have a non-zero detection probability. Results show that the DoubleQ-Learning agent has the best overall performance rate by successfully achieving the goal in $70\%$ of the interactions.

David Ryzák, Tomáš Kroupa

We introduce a class of cooperative games induced by weighted directed graphs. Specifically, the coalitional value combines an internal interaction term given by the induced subgraph game with an external component based on minimal incoming edges from outside the coalition. The resulting game has a convenient representation in terms of unanimity games. This representation enables closed-form polynomial-time formulas for the Shapley and Banzhaf values. We further establish that the game has a nonempty core and is totally balanced. The class of such games therefore provides an analytically and computationally tractable example of structured network- induced cooperative games in which stability-based allocations and fairness-based solution concepts do not coincide.