Towards Continuous Cyber Testing with Reinforcement Learning for Whole Campaign Emulation
Authors: Tyler Cody, P. Beling, Laura Freeman
Venue: 2022 IEEE AUTOTESTCON
Publication date: 2022-08-29
DOI: 10.1109/AUTOTESTCON47462.2022.9984769
URL: https://doi.org/10.1109/AUTOTESTCON47462.2022.9984769
Citation count: 3 (Semanticscholar)
Modern automated penetration testing uses rule-based procedures and model-checking concepts to search through all possible attacks on network models and identify those that violate some correctness or security property by generating an attack graph. By generating all possible attacks, modern, top-down approaches inherently do not isolate the few attacks that matter the most. This weakness is exacerbated in future network settings like 5G and the Internet of Things (IoT), where networks are expected to have thousands of hosts (or more) and evolve over time. This has created a perception that the attack graph concept itself is inadequate, in turn hindering the automation of cyber testing. Recent research re-positions automated attack graph generation as a best practice in cyber defense by applying deep reinforcement learning (RL). While recent research into penetration testing with RL has seen a rapid growth in interest, a clear concept of operational use has not been defined. We define and provide formalism for the concept of whole campaign emulation (WCE). We present WCE as both a challenge problem and a framework for automating cyber T&E with RL. This manuscript captures an RL-oriented perspective on the past, present, and future of attack graph generation, and serves as a primer for researchers and practitioners alike. With WCE, organizations from small businesses to nation-states can feasibly institute continuous cyber T&E with low test costs and low disruption to operations.