State-sponsored cyberattacks are carried out to achieve pre-planned objectives, so their impact is significant. Defenders must respond, but the scale of the attack is large and there is a possibility that unknown vulnerabilities may be exploited, making response difficult. Furthermore, excessive response can reduce user availability and disrupt work. Therefore, a response policy that can effectively defend against attacks while ensuring user availability is necessary. This paper proposes a method to address this issue by collecting the number of process hydration sessions of Bob's assets in real time and utilizing this for learning. Using this method, we trained a reinforcement learning-based policy on a cyberattack simulator. As a result, the attack duration for two attacker models was reduced by 279 and 31 time-steps, respectively, based on 100 time-steps. Furthermore, the number of "resource actions" that impede user availability during the defense process was also reduced, resulting in a policy with better overall performance.
alsweede,M mohammed. (2026). Evaluating an Availability-Aware Reinforcement Learning–Based Defensive Policy Against Cyber Attacks. Al-Noor Journal for Information Technology and Cybersecurity, 3(1), 64-74. doi: 10.69513/jncs.v3.i1.a6
MLA
alsweede,M mohammed. "Evaluating an Availability-Aware Reinforcement Learning–Based Defensive Policy Against Cyber Attacks", Al-Noor Journal for Information Technology and Cybersecurity, 3, 1, 2026, 64-74. doi: 10.69513/jncs.v3.i1.a6
HARVARD
alsweede M mohammed. (2026). 'Evaluating an Availability-Aware Reinforcement Learning–Based Defensive Policy Against Cyber Attacks', Al-Noor Journal for Information Technology and Cybersecurity, 3(1), pp. 64-74. doi: 10.69513/jncs.v3.i1.a6
CHICAGO
M mohammed alsweede, "Evaluating an Availability-Aware Reinforcement Learning–Based Defensive Policy Against Cyber Attacks," Al-Noor Journal for Information Technology and Cybersecurity, 3 1 (2026): 64-74, doi: 10.69513/jncs.v3.i1.a6
VANCOUVER
alsweede M mohammed. Evaluating an Availability-Aware Reinforcement Learning–Based Defensive Policy Against Cyber Attacks. NJITC. 2026;3(1):64-74. doi: 10.69513/jncs.v3.i1.a6