Ontology and Reinforcement Learning Based Intelligent Agent Automatic Penetration Test

Qian, Kexiang; Zhang, Daojuan; Zhang, Peng; Zhou, Zhihong; Chen, Xiuzhen; Duan, Shengxiong

doi:10.1109/icaica52286.2021.9497911

Cited by 9 publications

(5 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…AI-driven penetration testing tools, which can adjust their strategies based on real-time data, can simulate complex cyber-attack scenarios more dynamically and realistically than traditional methods [120]. Dynamic Penetration Testing [45], [44], [43], [140] Penetration Testing Optimization [103], [57], [64], [30], [178], [142], [71], [78] Penetration Testing in Large-Scale Network [101], [190], [47], [100] Fuzz Testing Fuzz Data Generation [104], [127], [148], [198] Fuzz Testing Performance Improvement…”

Section: Penetration Testingmentioning

confidence: 99%

“…This methodology employs the Deep Deterministic Policy Gradient (DDPG) model to enhance the fuzzing process, thereby optimizing the identi cation of software vulnerabilities while adhering e ciently to format constraints (Article [50]). Hybrid frameworks that combine ontologybased cognitive Belief-Desire-Intention (BDI)-agent with RL techniques optimize attack planning and execution, handling dynamic and uncertain environments e ciently (Article [142]). These frameworks utilize a knowledge base derived from expert penetration testers to systematically learn and adapt, improving the overall e cacy of penetration tests.…”

Section: Reinforcementmentioning

confidence: 99%

See 1 more Smart Citation

Artificial intelligence for system security assurance: A systematic literature review

Wen,

Shukla,

Katt

2024

Preprint

View full text Add to dashboard Cite

System Security Assurance (SSA) has emerged as a critical methodology for organizations to verify the trustworthiness of their systems by evaluating security measures against industry standards, legal requirements, and best practices to identify any weakness and demonstrate compliance. In recent years, the role of Artificial Intelligence (AI) in enhancing cybersecurity has received increased attention, with an increasing number of literature reviews highlighting its diverse applications. However, there remains a significant gap in comprehensive reviews that specifically address the integration of AI within SSA frameworks. This systematic literature review seeks to fill this research gap by assessing the current state of AI in SSA, identifying key areas where AI contributes to improve SSA processes, highlighting the limitations of current methodologies, and providing the guidance for future advancements in the field of AI-driven SSA.

show abstract

Section: Penetration Testingmentioning

confidence: 99%

Section: Reinforcementmentioning

confidence: 99%

Artificial intelligence for system security assurance: A systematic literature review

Wen,

Shukla,

Katt

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…PTassesses information security from the attacker's perspective. Trough PT of companies, organisations, or departments, we understand their information security policies and network vulnerabilities and give possible solutions and remedies to improve network security [14]. As network equipment and defence detection systems continue to upgrade, the complexity of performing the PT process has increased dramatically.…”

Section: Ptand Its Automationmentioning

confidence: 99%

“…. k { } do (7) Sample k transition data with priority from the sum tree (8) a←t * σ, b←(t + 1) * σ, (9) v← generate a random number between a and b (10) Transition τ t and corresponding priority are obtained according to a random number v (11) Compute importance sampling weight for each transition τ t (12) end for (13) Train this batch size of transition and compute the TD error according to the weight (14) Update transition priority according to the TD error ALGORITHM 1: Implements PER with the sum tree structure.…”

Section: Rl Settings For Ptmentioning

confidence: 99%

“…. S { } do (10) Sample action A from the behaviour policy (11) Te environment performs A and gives back R(reward), and the agent observes (S, A, R, S′) (12) Push the transition τ(S, A, R, S′) into D interact , overwriting oldest interaction transition if over capacity of D interact (13) Sample a batch size of k transitions from D replay with prioritization (14) Calculate loss J(Q) using the target network (15) Perform a gradient descent step to update the weights for the policy network θ (16) S′←S, the state transitions from S to S′ (17) end for (18) ifumodf f � 0thenθ′←θend if (19) of computer networks and cyber security concepts. We construct a simulated network scene through CBS and encapsulate this network scene into a gym environment where we can interact with an agent and further combine it with RL-related algorithms for our experiments.…”

Section: Main Experimental Proceduresmentioning

confidence: 99%

See 1 more Smart Citation

DQfD-AIPT: An Intelligent Penetration Testing Framework Incorporating Expert Demonstration Data

Wang

Xiong

et al. 2023

Security and Communication Networks

View full text Add to dashboard Cite

The application of reinforcement learning (RL) methods of artificial intelligence for penetration testing (PT) provides a solution to the current problems of high labour costs and high reliance on expert knowledge for manual PT. In order to improve the efficiency of RL algorithms for PT, existing research has considered bringing in the knowledge of PT experts and combining it with the use of imitative learning methods to guide the agent in its decision-making. However, the disadvantage of using imitation learning is also obvious; that is, the performance of the strategies learned by the agent hardly exceeds the demonstrated behaviour of the expert and it can also cause expert knowledge overfitting. At the same time, the expert knowledge in the currently proposed method is poorly interpretable and highly scenario-dependent. The expert knowledge used in these methods is not universal. To address these issues, we propose an intelligent PT framework named DQfD-AIPT. The framework encompasses the process of collecting and using expert knowledge and provides a rational definition of the structure of expert knowledge. To solve the overfitting problem, we perform PT path planning based on the deep Q-learning from demonstrations (DQfD) algorithm. DQfD combines the benefits of RL and imitation learning to effectively improve the PT strategy and performance of agents while avoiding overfitting. Finally, we conducted experiments in a simulated network scenario containing honeypots. The experimental results proved the effectiveness of expert knowledge incorporation. In addition, the DQfD algorithm can improve the efficiency of penetration testing more effectively than that by the classical deep reinforcement learning (DRL) method and can obtain a higher cumulative reward. Not only that, due to the incorporation of expert knowledge, in scenarios with honeypots, the DQfD method can effectively reduce the probability of interacting with honeypots compared to the classical DRL method.

show abstract

Towards AI-powered Cybersecurity Attack Modeling with Simulation Tools: Review of Attack Simulators

Jaber

Fritsch

2022

Advances on P2P, Parallel, Grid, Cloud and Internet Computing

View full text Add to dashboard Cite

Ontology and Reinforcement Learning Based Intelligent Agent Automatic Penetration Test

Cited by 9 publications

References 6 publications

Artificial intelligence for system security assurance: A systematic literature review

Artificial intelligence for system security assurance: A systematic literature review

DQfD-AIPT: An Intelligent Penetration Testing Framework Incorporating Expert Demonstration Data

Towards AI-powered Cybersecurity Attack Modeling with Simulation Tools: Review of Attack Simulators

Contact Info

Product

Resources

About