{"id":"https://openalex.org/W4307964230","doi":"https://doi.org/10.1145/3560830.3563732","title":"Bridging Automated to Autonomous Cyber Defense","display_name":"Bridging Automated to Autonomous Cyber Defense","publication_year":2022,"publication_date":"2022-11-02","ids":{"openalex":"https://openalex.org/W4307964230","doi":"https://doi.org/10.1145/3560830.3563732"},"language":"en","primary_location":{"id":"doi:10.1145/3560830.3563732","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3560830.3563732","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3560830.3563732","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3560830.3563732","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068040638","display_name":"Andy Applebaum","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Andy Applebaum","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075112437","display_name":"Camron Dennler","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Camron Dennler","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033071385","display_name":"Patrick C. Dwyer","orcid":"https://orcid.org/0000-0001-6751-2121"},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Patrick Dwyer","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039600635","display_name":"Marina Moskowitz","orcid":"https://orcid.org/0009-0003-2091-6673"},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Marina Moskowitz","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5106730154","display_name":"Harold Nguyen","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Harold Nguyen","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050229766","display_name":"Nicole L. Nichols","orcid":"https://orcid.org/0000-0003-3837-0069"},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nicole Nichols","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085361723","display_name":"Nicole Park","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nicole Park","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045487145","display_name":"Paul Rachwalski","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Paul Rachwalski","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054319110","display_name":"Frank Rau","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Frank Rau","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015424737","display_name":"Adrian Webster","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Adrian Webster","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079519459","display_name":"M. Wolk","orcid":null},"institutions":[{"id":"https://openalex.org/I4210153776","display_name":"Apple (United States)","ror":"https://ror.org/059hsda18","country_code":"US","type":"company","lineage":["https://openalex.org/I4210153776"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Melody Wolk","raw_affiliation_strings":["Apple, Cupertino, CA, USA"],"affiliations":[{"raw_affiliation_string":"Apple, Cupertino, CA, USA","institution_ids":["https://openalex.org/I4210153776"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":11,"corresponding_author_ids":["https://openalex.org/A5068040638"],"corresponding_institution_ids":["https://openalex.org/I4210153776"],"apc_list":null,"apc_paid":null,"fwci":2.9775,"has_fulltext":true,"cited_by_count":22,"citation_normalized_percentile":{"value":0.91881304,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"149","last_page":"159"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8113450407981873},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7566314935684204},{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.7513583898544312},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.7503963112831116},{"id":"https://openalex.org/keywords/orchestration","display_name":"Orchestration","score":0.600176215171814},{"id":"https://openalex.org/keywords/bridging","display_name":"Bridging (networking)","score":0.5458579063415527},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.53849196434021},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4831685423851013},{"id":"https://openalex.org/keywords/bridge","display_name":"Bridge (graph theory)","score":0.4166436791419983},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.40090489387512207},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.09348168969154358}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8113450407981873},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7566314935684204},{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.7513583898544312},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.7503963112831116},{"id":"https://openalex.org/C199168358","wikidata":"https://www.wikidata.org/wiki/Q3367000","display_name":"Orchestration","level":3,"score":0.600176215171814},{"id":"https://openalex.org/C174348530","wikidata":"https://www.wikidata.org/wiki/Q188635","display_name":"Bridging (networking)","level":2,"score":0.5458579063415527},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.53849196434021},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4831685423851013},{"id":"https://openalex.org/C100776233","wikidata":"https://www.wikidata.org/wiki/Q2532492","display_name":"Bridge (graph theory)","level":2,"score":0.4166436791419983},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.40090489387512207},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.09348168969154358},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C126322002","wikidata":"https://www.wikidata.org/wiki/Q11180","display_name":"Internal medicine","level":1,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C558565934","wikidata":"https://www.wikidata.org/wiki/Q2743","display_name":"Musical","level":2,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3560830.3563732","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3560830.3563732","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3560830.3563732","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3560830.3563732","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3560830.3563732","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3560830.3563732","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7099999785423279,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4307964230.pdf","grobid_xml":"https://content.openalex.org/works/W4307964230.grobid-xml"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W1496590343","https://openalex.org/W1539216098","https://openalex.org/W2015787697","https://openalex.org/W2120839938","https://openalex.org/W2946586657","https://openalex.org/W2963523627","https://openalex.org/W3003546983","https://openalex.org/W3107852229","https://openalex.org/W3126852256","https://openalex.org/W4224233018","https://openalex.org/W4281388209"],"related_works":["https://openalex.org/W79913212","https://openalex.org/W2094884983","https://openalex.org/W2378898096","https://openalex.org/W560952460","https://openalex.org/W2290927522","https://openalex.org/W4283579741","https://openalex.org/W3066706303","https://openalex.org/W876159576","https://openalex.org/W2943612818","https://openalex.org/W4385152897"],"abstract_inverted_index":{"Leveraging":[0],"security":[1,7,55],"automation":[2,68],"and":[3,13,27,35,56,123],"orchestration":[4],"technologies":[5],"enables":[6],"analysts":[8],"to":[9,15,22,46,69,134,136],"respond":[10],"more":[11,152],"quickly":[12],"accurately":[14],"threats.":[16],"However,":[17,113],"current":[18],"tooling":[19],"is":[20],"limited":[21],"automating":[23],"very":[24],"finely":[25],"scoped":[26],"hand-coded":[28],"situations,":[29],"such":[30],"as":[31,156,158],"quarantining":[32],"known":[33,39],"malware":[34],"blocking":[36],"traffic":[37],"from":[38],"malicious":[40],"domains.":[41],"Recent":[42],"research":[43],"has":[44],"sought":[45],"bridge":[47],"the":[48,119,128,131],"gap":[49],"between":[50],"this":[51],"kind":[52],"of":[53,66,78,88,93,130],"automated":[54],"autonomous":[57,79],"cyber":[58,168],"defense,":[59],"leveraging":[60,164],"reinforcement":[61],"learning":[62],"(RL)":[63],"on":[64],"top":[65],"basic":[67],"enable":[70],"intelligent":[71],"response.":[72],"This":[73],"paper":[74],"provides":[75],"foundational":[76],"analysis":[77],"agents":[80],"trained":[81],"with":[82],"Tabular":[83,101],"Q-Learning":[84,102],"through":[85],"a":[86,91,106,141,160],"series":[87],"experiments":[89],"examining":[90],"range":[92],"network":[94],"scenarios.":[95,112],"Our":[96],"results":[97,147],"demonstrate":[98],"that":[99,117],"off-the-shelf":[100],"does":[103],"not":[104],"offer":[105],"single,":[107],"superior":[108],"solution":[109],"across":[110],"all":[111],"we":[114],"also":[115],"find":[116],"modifying":[118],"underlying":[120],"state":[121],"encoding":[122],"update":[124],"function":[125],"can":[126],"influence":[127],"robustness":[129],"defensive":[132,167],"agent":[133],"generalize":[135],"unseen":[137],"evaluation":[138],"environments":[139],"without":[140],"significant":[142],"loss":[143],"in":[144],"accuracy.":[145],"These":[146],"highlight":[148],"potential":[149],"optimizations":[150],"for":[151,162,166],"advanced":[153],"RL":[154,165],"techniques":[155],"well":[157],"provide":[159],"baseline":[161],"others":[163],"automation.":[169]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":7}],"updated_date":"2026-04-20T07:46:08.049788","created_date":"2025-10-10T00:00:00"}