Applied Sciences (Nov 2022)

Cascaded Reinforcement Learning Agents for Large Action Spaces in Autonomous Penetration Testing

  • Khuong Tran,
  • Maxwell Standen,
  • Junae Kim,
  • David Bowman,
  • Toby Richer,
  • Ashlesha Akella,
  • Chin-Teng Lin

DOI
https://doi.org/10.3390/app122111265
Journal volume & issue
Vol. 12, no. 21
p. 11265

Abstract

Read online

Organised attacks on a computer system to test existing defences, i.e., penetration testing, have been used extensively to evaluate network security. However, penetration testing is a time-consuming process. Additionally, establishing a strategy that resembles a real cyber-attack typically requires in-depth knowledge of the cybersecurity domain. This paper presents a novel architecture, named deep cascaded reinforcement learning agents, or CRLA, that addresses large discrete action spaces in an autonomous penetration testing simulator, where the number of actions exponentially increases with the complexity of the designed cybersecurity network. Employing an algebraic action decomposition strategy, CRLA is shown to find the optimal attack policy in scenarios with large action spaces faster and more stably than a conventional deep Q-learning agent, which is commonly used as a method for applying artificial intelligence to autonomous penetration testing.

Keywords