Padur, Kärt;
(2025)
Learning to Conduct, and Defend against, Hybrid Attacks.
Doctoral thesis (Ph.D), UCL (University College London).
![[thumbnail of Padur_10214068_Thesis.pdf]](https://discovery.ucl.ac.uk/style/images/fileicons/text.png) |
Text
Padur_10214068_Thesis.pdf Access restricted to UCL open access staff until 1 October 2026. Download (8MB) |
Abstract
Hybrid threats are adversarial actions conducted across multiple domains to harm a target. In the digital space, adversaries coordinate cyberattacks against critical infrastructure with disinformation campaigns in social networks, achieving a greater overall effect than the sum of the parts. Integrating artificial intelligence and machine learning into these threats could further complicate defences and weaken social resilience. While individual components of hybrid threats have been extensively studied, research on their multi-domain nature remains limited. Existing defences often rely on static, human-centric approaches focused on single domains, limiting their effectiveness against adaptive hybrid attacks. In addition, research on applying resilience principles to assess the impact of such threats on societal groups is still lacking. To address these gaps, we develop a multi-agent reinforcement learning approach that models the coevolution of attacker strategies involving cyberattacks and disinformation campaigns and defender responses within a cyber-physical-social system. With this approach, we capture the dynamic interactions between attackers and defenders and their impact on social resilience. We formulate hybrid threats and defensive countermeasures as a multi-agent decision-making problem, defining Markov Decision Processes for attackers and defenders. We introduce these deep reinforcement learning agents into a simulation environment, enabling them to learn to conduct and defend against hybrid attacks. We implement a trust-based model to assess social resilience against these disruptions. Our results show that attackers and defenders iteratively refine their strategies. As defenders struggle to counter disinformation, attackers increasingly prioritise it to evade defences. Our analysis indicates that both direct and indirect exposure to hybrid attacks erodes public trust. This research contributes to the growing body of research on autonomous hybrid threats and defences. Our findings highlight the importance of adaptive defences against evolving adversarial behaviours, the potential impact of hybrid threats, and the need for targeted interventions to strengthen resilience across different societal groups.
| Type: | Thesis (Doctoral) |
|---|---|
| Qualification: | Ph.D |
| Title: | Learning to Conduct, and Defend against, Hybrid Attacks |
| Language: | English |
| Additional information: | Copyright © The Author 2025. Original content in this thesis is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) Licence (https://creativecommons.org/licenses/by-nc/4.0/). Any third-party copyright material present remains the property of its respective owner(s) and is licensed under its existing terms. Access may initially be restricted at the author’s request. |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10214068 |
Archive Staff Only
 |
View Item |
