PENETRATION TESTING USING DEEP REINFORCEMENT LEARNING
DOI:
https://doi.org/10.28925/2663-4023.2024.23.1730Keywords:
penetration testing; artificial intelligence; machine learning; reinforcement learning; network security audit; offensive cybersecurity; vulnerability assessment.Abstract
Traditionally, penetration testing is performed by experts who manually simulate attacks on computer networks to assess their security and identify vulnerabilities. However, recent research highlights the significant potential for automating this process through deep reinforcement learning. The development of automated testing systems promises to significantly increase the accuracy, speed and efficiency of vulnerability detection and remediation. In the pre-testing phase, artificial intelligence can be used to automatically create a realistic network topology, including the development of a tree of possible attacks. The use of deep learning methods, such as Deep Q-Learning, allows the system to determine the best attack paths, making the penetration process more strategic and informed. Automated penetration testing systems can serve as effective training tools for cybersecurity professionals. They allow attacks to be simulated in a controlled training environment, providing users with the opportunity to analyse different intrusion strategies and techniques, and serve as a training tool for detecting and responding to real-world attacks. This approach promotes a deep understanding of potential threats and develops the skills to effectively defend against them. In addition, the use of machine learning can help solve the problem of large numbers of false positives, which is a common problem in traditional security systems. Deep reinforcement learning offers the opportunity to create more adaptive scanning systems that can learn and adapt to changing threat patterns. Such systems are not only more efficient, but also able to operate with fewer errors, reducing the burden of human error. As a result, they can identify vulnerabilities that humans may not, providing a deeper and more comprehensive security analysis. This approach has the potential to revolutionise the cybersecurity industry, offering new strategies for protecting information systems and creating more robust network structures.
Downloads
References
Academic: Attack Trees - Schneier on Security. (n.d.). Schneier on Security. https://www.schneier.com/academic/archives/1999/12/attack_trees.html
Cyprom - Pentesting Project Management :: Gonkar IT security. (n.d.). Gonkar IT Security :: Cybersecurity Services. https://gonkar.com/cyprom
The Dark Side Of The Internet: A Search Engine That Finds Unsecured Routers, Servers & A Whole Lot More. (n.d.). Search Engine Land. https://searchengineland.com/the-dark-side-of-the-internet-a-search-engine-that-finds-unsecured-routers-servers-a-whole-lot-more-154943
HIPAA home. (n.d.). HHS.gov. https://www.hhs.gov/hipaa/index.html
Hoffmann, J. (2015). Simulated penetration testing: From “dijkstra” to “turing test++”. Proceedings of the International Conference on Automated Planning and Scheduling, 25, 364–372. https://doi.org/10.1609/icaps.v25i1.13684
Metasploit|Penetration Testing Software, Pen Testing Security|Metasploit. (n.d.). Metasploit. https://www.metasploit.com/
Yousefi, M., et al. (2018). A reinforcement learning approach for attack graph analysis. 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE). https://doi.org/10.1109/TrustCom/BigDataSE.2018.00041
Nguyen, T., & Reddi, V. (2021). Deep reinforcement learning for cyber security. IEEE Transactions on Neural Networks and Learning Systems, 1–17. https://doi.org/10.1109/tnnls.2021.3121870
NVD - CVSS v3 Calculator. (n.d.). NVD - Home. https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
Official PCI security standards council site. (n.d.). PCI Security Standards Council. https://www.pcisecuritystandards.org/
Oriyano, S.-P. (2017). Penetration testing essentials. Wiley & Sons, Limited, John.
Sembiring, J., et al. (2015). Network security risk analysis using improved mulval bayesian attack graphs. Int. J. Electrical Eng. Inf. 7(4), 735–753. https://doi.org/10.15676/ijeei.2015.7.4.15
What is Shodan? The search engine for everything on the internet. (n.d.). CSO Online. https://www.csoonline.com/article/565528/what-is-shodan-the-search-engine-for-everything-on-the-internet.html
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Анастасія Толкачова, Максим-Микола Посувайло
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
