SubstratumGraphEnv: Reinforcement Learning Environment (RLE) for Modeling System Attack Paths

Researchers developed SubstratumGraphEnv, a reinforcement learning framework that models Windows system attack paths using graph representations derived from Sysmon logs. The system combines Graph Convolutional Networks with Actor-Critic models to automate cybersecurity threat analysis and identify malicious process sequences.