{"id":"https://openalex.org/W4413927296","doi":"https://doi.org/10.1145/3765622","title":"Autonomous and Adaptive Cyber Incident Detection and Response in Industrial Cyber-Physical Systems Using Hierarchical Reinforcement Learning","display_name":"Autonomous and Adaptive Cyber Incident Detection and Response in Industrial Cyber-Physical Systems Using Hierarchical Reinforcement Learning","publication_year":2025,"publication_date":"2025-09-02","ids":{"openalex":"https://openalex.org/W4413927296","doi":"https://doi.org/10.1145/3765622"},"language":"en","primary_location":{"id":"doi:10.1145/3765622","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3765622","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3765622","source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3765622","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5001003300","display_name":"Ayesha Babar","orcid":null},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Ayesha Babar","raw_affiliation_strings":["School of Computing, Queen\u2019s University, Kingston, Ontario, Canada","Queen\u2019s University, Canada"],"raw_orcid":"https://orcid.org/0009-0006-5309-4436","affiliations":[{"raw_affiliation_string":"School of Computing, Queen\u2019s University, Kingston, Ontario, Canada","institution_ids":["https://openalex.org/I204722609"]},{"raw_affiliation_string":"Queen\u2019s University, Canada","institution_ids":["https://openalex.org/I204722609"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055415812","display_name":"Talal Halabi","orcid":"https://orcid.org/0000-0002-1922-5803"},"institutions":[{"id":"https://openalex.org/I43406934","display_name":"Universit\u00e9 Laval","ror":"https://ror.org/04sjchr03","country_code":"CA","type":"education","lineage":["https://openalex.org/I43406934"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Talal Halabi","raw_affiliation_strings":["Universite Laval, Quebec, Quebec, Canada","Laval University, Canada"],"raw_orcid":"https://orcid.org/0000-0002-1922-5803","affiliations":[{"raw_affiliation_string":"Universite Laval, Quebec, Quebec, Canada","institution_ids":["https://openalex.org/I43406934"]},{"raw_affiliation_string":"Laval University, Canada","institution_ids":["https://openalex.org/I43406934"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5005563986","display_name":"Mohammad Zulkernine","orcid":"https://orcid.org/0000-0003-1697-4101"},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Mohammad Zulkernine","raw_affiliation_strings":["School of Computing, Queen\u2019s University, Kingston, Ontario, Canada","Queen\u2019s University, Canada"],"raw_orcid":"https://orcid.org/0000-0003-1697-4101","affiliations":[{"raw_affiliation_string":"School of Computing, Queen\u2019s University, Kingston, Ontario, Canada","institution_ids":["https://openalex.org/I204722609"]},{"raw_affiliation_string":"Queen\u2019s University, Canada","institution_ids":["https://openalex.org/I204722609"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5001003300"],"corresponding_institution_ids":["https://openalex.org/I204722609"],"apc_list":null,"apc_paid":null,"fwci":0.9759,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.79137422,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":98},"biblio":{"volume":"10","issue":"1","first_page":"1","last_page":"27"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10876","display_name":"Fault Detection and Control Systems","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.989799976348877,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cyber-physical-system","display_name":"Cyber-physical system","score":0.902554988861084},{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.6138916015625},{"id":"https://openalex.org/keywords/reinforcement","display_name":"Reinforcement","score":0.5427648425102234},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.4795524775981903},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.34693557024002075},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.33340299129486084},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.3034862279891968},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.06709215044975281}],"concepts":[{"id":"https://openalex.org/C179768478","wikidata":"https://www.wikidata.org/wiki/Q1120057","display_name":"Cyber-physical system","level":2,"score":0.902554988861084},{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.6138916015625},{"id":"https://openalex.org/C67203356","wikidata":"https://www.wikidata.org/wiki/Q1321905","display_name":"Reinforcement","level":2,"score":0.5427648425102234},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.4795524775981903},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.34693557024002075},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.33340299129486084},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.3034862279891968},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.06709215044975281},{"id":"https://openalex.org/C66938386","wikidata":"https://www.wikidata.org/wiki/Q633538","display_name":"Structural engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3765622","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3765622","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3765622","source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3765622","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3765622","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3765622","source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320334593","display_name":"Natural Sciences and Engineering Research Council of Canada","ror":"https://ror.org/01h531d29"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4413927296.pdf","grobid_xml":"https://content.openalex.org/works/W4413927296.grobid-xml"},"referenced_works_count":29,"referenced_works":["https://openalex.org/W2065890363","https://openalex.org/W2086699924","https://openalex.org/W2109910161","https://openalex.org/W2121517924","https://openalex.org/W2188721763","https://openalex.org/W2338128881","https://openalex.org/W2892303285","https://openalex.org/W2942465044","https://openalex.org/W2952298682","https://openalex.org/W2962890638","https://openalex.org/W2964118262","https://openalex.org/W2964227312","https://openalex.org/W2964254877","https://openalex.org/W2972710806","https://openalex.org/W3027406032","https://openalex.org/W3085955590","https://openalex.org/W3121342653","https://openalex.org/W3168892396","https://openalex.org/W3216519235","https://openalex.org/W4212996499","https://openalex.org/W4214717370","https://openalex.org/W4226319939","https://openalex.org/W4293569095","https://openalex.org/W4310206563","https://openalex.org/W4315647204","https://openalex.org/W4385692460","https://openalex.org/W4387407043","https://openalex.org/W4387806828","https://openalex.org/W4412175667"],"related_works":["https://openalex.org/W4310083477","https://openalex.org/W2328553770","https://openalex.org/W2920061524","https://openalex.org/W1977959518","https://openalex.org/W2038908348","https://openalex.org/W2107890255","https://openalex.org/W2106552856","https://openalex.org/W2145821588","https://openalex.org/W2086122291","https://openalex.org/W1987513656"],"abstract_inverted_index":{"Cyber-Physical":[0],"Systems":[1],"(CPSs)":[2],"are":[3,70],"the":[4,26,41,44,62,74,83,92,97,102,134,146,156,189,199,210,215,223],"backbone":[5],"of":[6,17,56,79,87,158,225],"many":[7],"critical":[8],"infrastructures.":[9],"However,":[10,95],"they":[11],"have":[12],"introduced":[13],"an":[14,138],"uncharted":[15],"territory":[16],"security":[18,55],"vulnerabilities":[19],"and":[20,30,47,66,76,108,142,150,163,179,192,208],"attack":[21],"vectors,":[22],"mainly":[23],"due":[24],"to":[25,43,51,72,131,154,204,233],"deeply":[27],"integrated":[28],"physical":[29],"cyber":[31,52,63,147,249],"spaces.":[32],"Moreover,":[33],"in":[34,137,253],"industrial":[35,57,139,254],"CPS":[36,58,140],"settings,":[37],"network":[38,141],"openness":[39],"exposes":[40],"system":[42],"outside":[45],"world":[46],"renders":[48],"it":[49],"vulnerable":[50],"threats.":[53],"The":[54],"significantly":[59],"relies":[60],"on":[61],"incident":[64,148,250],"detection":[65,93,107,149,251],"response":[67,151],"systems":[68,90,252],"which":[69],"fundamental":[71],"ensure":[73],"continuous":[75],"proper":[77],"operation":[78],"cyber-physical":[80,230],"processes.":[81],"Among":[82],"key":[84],"configuration":[85],"parameters":[86],"these":[88,185],"defense":[89,231],"is":[91,244],"threshold.":[94],"finding":[96],"optimal":[98],"threshold":[99,152],"that":[100,123,240],"strikes":[101],"right":[103],"balance":[104],"between":[105],"missed":[106],"false-positive":[109],"rates":[110],"remains":[111],"a":[112,120,125],"challenging":[113],"problem.":[114],"In":[115,197],"this":[116],"article,":[117],"we":[118],"propose":[119],"novel":[121],"approach":[122],"leverages":[124],"Hierarchical":[126],"Reinforcement":[127],"Learning":[128],"(HRL)":[129],"architecture":[130],"autonomously":[132],"detect":[133],"dynamic":[135],"instability":[136],"respond":[143],"by":[144,187],"adapting":[145],"range":[153],"minimize":[155,205],"effects":[157],"possible":[159],"incidents.":[160],"We":[161],"developed":[162],"tested":[164],"four":[165,219],"HRL":[166,226],"algorithmic":[167,220],"variants,":[168],"each":[169],"offering":[170],"potential":[171,193],"avenues":[172],"for":[173,227,246],"optimization":[174],"with":[175,213],"its":[176],"own":[177],"strengths":[178],"limitations.":[180],"Our":[181,236],"agents":[182],"dynamically":[183],"select":[184],"ranges":[186],"assessing":[188],"expected":[190],"risk":[191],"damage":[194],"over":[195],"time.":[196],"addition,":[198],"agent\u2019s":[200],"selection":[201],"process":[202],"aims":[203],"false":[206],"positives":[207],"reduce":[209],"cost":[211],"associated":[212],"changing":[214],"selected":[216],"range.":[217],"All":[218],"adaptations":[221],"show":[222],"effectiveness":[224],"designing":[228],"adaptive":[229],"compared":[232],"static":[234],"approaches.":[235],"experimental":[237],"results":[238],"indicate":[239],"our":[241],"proposed":[242],"technique":[243],"effective":[245],"building":[247],"autonomous":[248],"CPS.":[255]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}