DOI: 10.1145/3584714.3584716
Research article

Intelligent Penetration Testing in Dynamic Defense Environment

Published: 07 September 2023

Abstract

Intelligent penetration testing (PT) has become a research hotspot. However, existing intelligent PT environments are static and deterministic and do not fully consider the impact of dynamic defense. To improve the fidelity of existing simulation environments, in this paper we conduct intelligent PT in a dynamic defense environment based on reinforcement learning (RL). First, we introduce the simulation details of intelligent PT in a dynamic defense environment. Second, we incorporate dynamic defense into the nodes of the network topology. We then evaluate the proposed method using the Chain scenario of CyberBattleSim, with and without dynamic defense. We also run the environment in a larger-scale network scenario, and we analyze the efficiency of different parameters of the RL algorithm. The experimental results show that the average cumulative rewards decrease markedly in a dynamic defense environment. As the number of nodes increases, it becomes more difficult for an agent to converge in this case. Additionally, we recommend that an agent adopt a compromise between exploration and exploitation when observing a dynamic environment.


    Published In

    CSW '22: Proceedings of the 2022 International Conference on Cyber Security
    December 2022
    77 pages
    ISBN:9798400700132
    DOI:10.1145/3584714
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org.

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    CSW 2022
