English

Adaptive Security Policy Management in Cloud Environments Using Reinforcement Learning

Cryptography and Security 2025-05-15 v1 Computer Vision and Pattern Recognition Distributed, Parallel, and Cluster Computing Machine Learning Networking and Internet Architecture

Abstract

The security of cloud environments, such as Amazon Web Services (AWS), is complex and dynamic. Static security policies have become inadequate as threats evolve and cloud resources exhibit elasticity [1]. This paper addresses the limitations of static policies by proposing a security policy management framework that uses reinforcement learning (RL) to adapt dynamically. Specifically, we employ deep reinforcement learning algorithms, including deep Q Networks and proximal policy optimization, enabling the learning and continuous adjustment of controls such as firewall rules and Identity and Access Management (IAM) policies. The proposed RL based solution leverages cloud telemetry data (AWS Cloud Trail logs, network traffic data, threat intelligence feeds) to continuously refine security policies, maximizing threat mitigation, and compliance while minimizing resource impact. Experimental results demonstrate that our adaptive RL based framework significantly outperforms static policies, achieving higher intrusion detection rates (92% compared to 82% for static policies) and substantially reducing incident detection and response times by 58%. In addition, it maintains high conformity with security requirements and efficient resource usage. These findings validate the effectiveness of adaptive reinforcement learning approaches in improving cloud security policy management.

Keywords

Cite

@article{arxiv.2505.08837,
  title  = {Adaptive Security Policy Management in Cloud Environments Using Reinforcement Learning},
  author = {Muhammad Saqib and Dipkumar Mehta and Fnu Yashu and Shubham Malhotra},
  journal= {arXiv preprint arXiv:2505.08837},
  year   = {2025}
}

Comments

10 pages, 6 figures, 1 table

R2 v1 2026-06-28T23:32:01.489Z