An Adaptive Dynamic Defense Strategy for Microservices Based on Deep Reinforcement Learning

Aiming at the problem that it is difficult to balance security defense and quality of service in a dynamic cloud-native environment, an adaptive dynamic defense strategy (AD2S) for microservices based on deep reinforcement learning is proposed. First, a microservice attack graph model is constructed to extract security threats from multiple dimensions. Combined with queuing theory, the relationships among security performance, quality of service, cleaning cycle, and replica quantity are established to quantitatively model the effectiveness of defense. Subsequently, an adaptive defense framework is designed, which includes state monitoring, policy deployment, and optimization algorithms based on deep reinforcement learning, providing a rapid update solution for the optimal system configuration of microservices under dynamic traffic requests. The experimental results show that under dynamic traffic requests, compared with the existing DSEOM and OADSF strategies, AD2S improves the defense effectiveness by 34.38% and 10.29%, respectively, while ensuring the quality of service, significantly enhancing the system’s security adaptive ability.