Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing
Organised attacks on a computer system to test existing defences, i.e., penetration testing, have been used extensively to evaluate network security. However, penetration testing is a time-consuming process. Additionally, establishing a strategy that resembles a real cyber-attack typically requires...
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-11-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/12/21/11265 |
| _version_ | 1797469168358916096 |
|---|---|
| author | Khuong Tran Maxwell Standen Junae Kim David Bowman Toby Richer Ashlesha Akella Chin-Teng Lin |
| author_facet | Khuong Tran Maxwell Standen Junae Kim David Bowman Toby Richer Ashlesha Akella Chin-Teng Lin |
| author_sort | Khuong Tran |
| collection | DOAJ |
| description | Organised attacks on a computer system to test existing defences, i.e., penetration testing, have been used extensively to evaluate network security. However, penetration testing is a time-consuming process. Additionally, establishing a strategy that resembles a real cyber-attack typically requires in-depth knowledge of the cybersecurity domain. This paper presents a novel architecture, named deep cascaded reinforcement learning agents, or CRLA, that addresses large discrete action spaces in an autonomous penetration testing simulator, where the number of actions exponentially increases with the complexity of the designed cybersecurity network. Employing an algebraic action decomposition strategy, CRLA is shown to find the optimal attack policy in scenarios with large action spaces faster and more stably than a conventional deep Q-learning agent, which is commonly used as a method for applying artificial intelligence to autonomous penetration testing. |
| first_indexed | 2024-03-09T19:17:37Z |
| format | Article |
| id | doaj.art-eff9027eecda4bf7a1eb045a0d7bfb80 |
| institution | Directory Open Access Journal |
| issn | 2076-3417 |
| language | English |
| last_indexed | 2024-03-09T19:17:37Z |
| publishDate | 2022-11-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Applied Sciences |
| spelling | doaj.art-eff9027eecda4bf7a1eb045a0d7bfb802023-11-24T03:40:48ZengMDPI AGApplied Sciences2076-34172022-11-0112211126510.3390/app122111265Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration TestingKhuong Tran0Maxwell Standen1Junae Kim2David Bowman3Toby Richer4Ashlesha Akella5Chin-Teng Lin6School of Computer Science, University of Technology Sydney, Ultimo, NSW 2007, AustraliaDefence Science and Technology Group, Edinburgh, SA 5111, AustraliaDefence Science and Technology Group, Edinburgh, SA 5111, AustraliaDefence Science and Technology Group, Edinburgh, SA 5111, AustraliaDefence Science and Technology Group, Edinburgh, SA 5111, AustraliaSchool of Computer Science, University of Technology Sydney, Ultimo, NSW 2007, AustraliaSchool of Computer Science, University of Technology Sydney, Ultimo, NSW 2007, AustraliaOrganised attacks on a computer system to test existing defences, i.e., penetration testing, have been used extensively to evaluate network security. However, penetration testing is a time-consuming process. Additionally, establishing a strategy that resembles a real cyber-attack typically requires in-depth knowledge of the cybersecurity domain. This paper presents a novel architecture, named deep cascaded reinforcement learning agents, or CRLA, that addresses large discrete action spaces in an autonomous penetration testing simulator, where the number of actions exponentially increases with the complexity of the designed cybersecurity network. Employing an algebraic action decomposition strategy, CRLA is shown to find the optimal attack policy in scenarios with large action spaces faster and more stably than a conventional deep Q-learning agent, which is commonly used as a method for applying artificial intelligence to autonomous penetration testing.https://www.mdpi.com/2076-3417/12/21/11265cybersecuritypenetration testingdeep reinforcement learninglarge action space |
| spellingShingle | Khuong Tran Maxwell Standen Junae Kim David Bowman Toby Richer Ashlesha Akella Chin-Teng Lin Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing Applied Sciences cybersecurity penetration testing deep reinforcement learning large action space |
| title | Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing |
| title_full | Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing |
| title_fullStr | Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing |
| title_full_unstemmed | Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing |
| title_short | Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing |
| title_sort | cascaded reinforcement learning agents for large action spaces in autonomous penetration testing |
| topic | cybersecurity penetration testing deep reinforcement learning large action space |
| url | https://www.mdpi.com/2076-3417/12/21/11265 |
| work_keys_str_mv | AT khuongtran cascadedreinforcementlearningagentsforlargeactionspacesinautonomouspenetrationtesting AT maxwellstanden cascadedreinforcementlearningagentsforlargeactionspacesinautonomouspenetrationtesting AT junaekim cascadedreinforcementlearningagentsforlargeactionspacesinautonomouspenetrationtesting AT davidbowman cascadedreinforcementlearningagentsforlargeactionspacesinautonomouspenetrationtesting AT tobyricher cascadedreinforcementlearningagentsforlargeactionspacesinautonomouspenetrationtesting AT ashleshaakella cascadedreinforcementlearningagentsforlargeactionspacesinautonomouspenetrationtesting AT chintenglin cascadedreinforcementlearningagentsforlargeactionspacesinautonomouspenetrationtesting |