Network- and Device-Level Cyber Deception for Contested Environments Using RL and LLMs

Computer Science > Cryptography and Security [Submitted on 18 Mar 2026] Network- and Device-Level Cyber Deception for Contested Environments Using RL and LLMs Abhijeet Sahu, Shuva Paul, Rochard Macwan Cyber deception assists in increasing the attacker's budget in reconnaissance or any early phases of threat intrusions. In the past, numerous methods of cyber deception have been adopted, such as IP address randomization, the creation of honeypots and honeynets mimicking an actual set of services, and networks deployed within an enterprise or operational technology(OT) network. These types of strategies follow naive approaches of recreating services that are expensive and that need a lot of human intervention. The advent of cloud services and other automations of containerized applications, such as Kubernetes, makes cyber defense easier. Yet, there remains a lot of potential to improve the accuracy of these deception strategies and to make them cost-effective using artificial intelligence (AI)-based solutions by making the deception more dynamic. Hence, in this work, we review various AI-based solutions in building network- and device-level cyber deception methods in contested environments. Specifically, we focus on leveraging the fusion of large language models (LLMs) and reinforcement learning(RL) in optimally learning these cyber deception strategies and validating the efficacy of such strategies in some stealthy attacks against OT systems in the literature. Comments: 10 pages, 5 figures Subjects: Cryptography and Security (cs.CR); Emerging Technologies (cs.ET) Cite as: arXiv:2603.17272 [cs.CR]   (or arXiv:2603.17272v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2603.17272 Focus to learn more Submission history From: Abhijeet Sahu [view email] [v1] Wed, 18 Mar 2026 01:51:59 UTC (832 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-03 Change to browse by: cs cs.ET References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)