Malicious Packet Detection Technology Using Reinforcement Learning

ByungWook An
JoongChan Lee
JaiSung Choi
Wonhyung Park


Keywords: Machine Learning, Deep Learning, Reinforcement Learning, Guidance Learning, Malicious Code Detection System.


Today, advances in 5G and Internet of Things (IoT) technology have connected everyday objects through networks. However, attempts to exploit networked computers for malicious purposes continue to rise, and attacks that use malicious code to compromise the confidentiality and integrity of user information are becoming increasingly sophisticated and intelligent. To counter these evolving threats, research has been conducted on methods to identify malicious network packets using a combination of security control systems and Artificial Intelligence (AI) technology, especially supervised learning. Unfortunately, current cybersecurity control systems are inefficient in terms of both manpower and cost. Moreover, the surge in remote work has created challenges in responding swiftly to security incidents. Furthermore, existing AI technology based on supervised learning has limitations, particularly in detecting new variants of malicious code, and its accuracy in identifying malicious code depends heavily on the quantity and quality of available data. In light of these challenges, this study employs reinforcement learning to overcome the limitations of the original supervised learning-based malicious packet detection system, such as high dependency on training data and the failure to detect variant malicious packets. This research proposes a malicious packet detection technology capable of effectively addressing new malicious packets or variant types.