Despite extensive research on optimal control formulations for cyber threat mitigation, a significant gap persists between theoretical and practical implementation in real-time scenarios. The open-loop structure of the optimal control framework is insufficiently robust for effectively addressing cyber threats. To overcome this, adopting a model learning process that iteratively updates the optimal control strategy is proposed. This paper proposes an innovative approach to addressing cybersecurity attacks in the Internet of Things (IoT) networks by integrating reinforcement learning (RL) and model predictive control (MPC) in a hybrid framework to optimize control parameters and enhance system effectiveness in combating malware. This novel approach aims to overcome the limitations of the previous approaches and establish superior control strategies for IoT network security. This approach enhances the adaptability and responsiveness of the mitigation process, improving the handling of evolving cyber threats in real-world applications. This framework enhances the security and resilience of IoT networks against malicious activities, offering a robust solution for mitigating cyber threats by leveraging RL algorithms and the proactive capabilities of MPC. A comprehensive evaluation demonstrates the effectiveness and efficiency of the hybrid framework, highlighting its potential to protect IoT networks from evolving cybersecurity risks. The primary aim extends beyond using an RL agent solely for computing control actions to optimize closed-loop performance and stability. It also leverages RL to estimate model parameters that are currently unknown but within known bounds. Our main objective in using the RL agent is to accurately estimate unidentified model parameters within specified limits. The simulation results provide compelling evidence supporting the effectiveness of this methodology in mitigating malware propagation, highlighting its superior performance compared to state-of-the-art methods. RLMPC rapidly initiated recovery, achieving full network restoration in 8 seconds and recovering 60 IoT devices. Also, the evaluation focused on average speed, scalability, and performance under various cyber-attack scenarios.

中文翻译：

---

最大限度地减少恶意软件在物联网网络中的传播：使用反馈循环方法的最佳控制


尽管对缓解网络威胁的最佳控制公式进行了广泛的研究，但在实时场景中的理论和实际实施之间仍然存在巨大差距。最佳控制框架的开环结构不够健壮，无法有效应对网络威胁。为了克服这个问题，提出了一种迭代更新最优控制策略的模型学习过程。本文提出了一种解决物联网 （IoT） 网络中网络安全攻击的创新方法，方法是将强化学习 （RL） 和模型预测控制 （MPC） 集成到混合框架中，以优化控制参数并提高系统在打击恶意软件方面的有效性。这种新颖的方法旨在克服以前方法的局限性，并为 IoT 网络安全建立卓越的控制策略。这种方法增强了缓解过程的适应性和响应能力，从而改善了在实际应用中对不断变化的网络威胁的处理。该框架增强了 IoT 网络针对恶意活动的安全性和弹性，通过利用 RL 算法和 MPC 的主动功能为缓解网络威胁提供了强大的解决方案。综合评估展示了混合框架的有效性和效率，突出了其保护 IoT 网络免受不断变化的网络安全风险的潜力。主要目标不仅限于将 RL 代理用于计算控制操作，以优化闭环性能和稳定性。它还利用 RL 来估计当前未知但在已知范围内但的模型参数。 我们使用 RL 代理的主要目标是准确估计指定范围内未识别的模型参数。模拟结果提供了令人信服的证据，支持这种方法在缓解恶意软件传播方面的有效性，突出了与最先进的方法相比，其卓越的性能。RLMPC 快速启动恢复，8 秒实现全网恢复，恢复 60 台 IoT 设备。此外，评估还侧重于各种网络攻击场景下的平均速度、可扩展性和性能。