Autopentest-drl [2021]

AutoPentest-DRL is versatile, offering different modes for research, training, and active testing:

Once trained, the framework can be deployed against actual network environments to conduct automated penetration tests, significantly reducing the time required for security audits. Why DRL for Pentesting? autopentest-drl

Artificial Intelligence for Cybersecurity Education and Training : This paper introduces the AutoPentest-DRL Each state includes: : Instead of following a

Initialize PPO agent with random weights Initialize Gym-Network environment for episode = 1 to M do Reset environment, get initial state s_0 for t = 1 to T_max do Select action a_t ~ π_θ(s_t) Execute a_t, observe reward r_t, next state s_t+1 Store transition in PER buffer if buffer size > batch_size then Sample batch B with probability ∝ |δ_i| Compute advantages Â_t using GAE(λ) Update actor loss L_CLIP = E[ min(ρ_t Â_t, clip(ρ_t, 1-ε,1+ε)Â_t) ] Update critic loss L_VF = E[ (V_θ(s_t) - R_t)^2 ] Update agent via Adam optimizer (lr=3e-4) end if s_t ← s_t+1 if goal reached or dead end then break end for end for AutoPentest-DRL is versatile

A representation of the current knowledge of the target network. Each state includes:

: Instead of following a static script, it uses a DQN (Deep Q-Network) engine to determine the most efficient sequence of vulnerabilities to exploit to reach a target . Logical vs. Real Mode :