Next Article in Journal
Complex q-Rung Orthopair Fuzzy Aggregation Operators and Their Applications in Multi-Attribute Group Decision Making
Next Article in Special Issue
Identifying WeChat Message Types without Using Traditional Traffic
Previous Article in Journal
Rating Prediction Algorithm Based on User Time-Sensitivity
Previous Article in Special Issue
AndroShield: Automated Android Applications Vulnerability Detection, a Hybrid Static and Dynamic Analysis Approach
Open AccessArticle

Reinforcement Learning for Efficient Network Penetration Testing

School of Mathematics Computer Science and Engineering, University of London, London EC1V 0HB, UK
*
Author to whom correspondence should be addressed.
Information 2020, 11(1), 6; https://doi.org/10.3390/info11010006
Received: 22 November 2019 / Revised: 9 December 2019 / Accepted: 16 December 2019 / Published: 20 December 2019
(This article belongs to the Special Issue Machine Learning for Cyber-Security)
Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the defenses of a computer network by planning and executing all possible attacks to discover and exploit existing vulnerabilities. Current penetration testing methods are increasingly becoming non-standard, composite and resource-consuming despite the use of evolving tools. In this paper, we propose and evaluate an AI-based pentesting system which makes use of machine learning techniques, namely reinforcement learning (RL) to learn and reproduce average and complex pentesting activities. The proposed system is named Intelligent Automated Penetration Testing System (IAPTS) consisting of a module that integrates with industrial PT frameworks to enable them to capture information, learn from experience, and reproduce tests in future similar testing cases. IAPTS aims to save human resources while producing much-enhanced results in terms of time consumption, reliability and frequency of testing. IAPTS takes the approach of modeling PT environments and tasks as a partially observed Markov decision process (POMDP) problem which is solved by POMDP-solver. Although the scope of this paper is limited to network infrastructures PT planning and not the entire practice, the obtained results support the hypothesis that RL can enhance PT beyond the capabilities of any human PT expert in terms of time consumed, covered attacking vectors, accuracy and reliability of the outputs. In addition, this work tackles the complex problem of expertise capturing and re-use by allowing the IAPTS learning module to store and re-use PT policies in the same way that a human PT expert would learn but in a more efficient way. View Full-Text
Keywords: penetration testing; artificial intelligence; machine learning; reinforcement learning; network security auditing; offensive cyber-security; vulnerability assessment. penetration testing; artificial intelligence; machine learning; reinforcement learning; network security auditing; offensive cyber-security; vulnerability assessment.
Show Figures

Figure 1

MDPI and ACS Style

Ghanem, M.C.; Chen, T.M. Reinforcement Learning for Efficient Network Penetration Testing. Information 2020, 11, 6. https://doi.org/10.3390/info11010006

AMA Style

Ghanem MC, Chen TM. Reinforcement Learning for Efficient Network Penetration Testing. Information. 2020; 11(1):6. https://doi.org/10.3390/info11010006

Chicago/Turabian Style

Ghanem, Mohamed C.; Chen, Thomas M. 2020. "Reinforcement Learning for Efficient Network Penetration Testing" Information 11, no. 1: 6. https://doi.org/10.3390/info11010006

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop