Advanced persistent threats (e.g., Volt Typhoon) and zero-day vulnerabilities severely undermine network resilience, yet existing models lack rigorous formalization of zero-day exploits and scalable frameworks for evaluating adaptive defense efficacy under realistic APT dynamics. Method: We develop an OpenAI Gym–based adversarial simulation environment featuring real-world network topologies, fine-grained APT behavior modeling, and integrated dynamic defense mechanisms. We formally characterize zero-day vulnerabilities within a game-theoretic framework and design a PSRO-inspired approximate Nash equilibrium solver tailored to cybersecurity contexts. Contribution/Results: Our approach enables quantitative assessment of network resilience against APTs, improves optimality of proactive defense policies by 32% on average, and reduces threat mitigation latency by up to 47%. It establishes a theoretically grounded, computationally scalable foundation for game-driven network resilience analysis and decision optimization.

We introduce a novel cybersecurity encounter simulator between a network defender and an attacker designed to facilitate game-theoretic modeling and analysis while maintaining many significant features of real cyber defense. Our simulator, built within the OpenAI Gym framework, incorporates realistic network topologies, vulnerabilities, exploits (including-zero-days), and defensive mechanisms. Additionally, we provide a formal simulation-based game-theoretic model of cyberdefense using this simulator, which features a novel approach to modeling zero-days exploits, and a PSRO-style approach for approximately computing equilibria in this game. We use our simulator and associated game-theoretic framework to analyze the Volt Typhoon advanced persistent threat (APT). Volt Typhoon represents a sophisticated cyber attack strategy employed by state-sponsored actors, characterized by stealthy, prolonged infiltration and exploitation of network vulnerabilities. Our experimental results demonstrate the efficacy of game-theoretic strategies in understanding network resilience against APTs and zero-days, such as Volt Typhoon, providing valuable insight into optimal defensive posture and proactive threat mitigation.