Raijū: Reinforcement Learning-Guided Post-Exploitation for Automating Security Assessment of Network Systems
- URL: http://arxiv.org/abs/2309.15518v1
- Date: Wed, 27 Sep 2023 09:36:22 GMT
- Authors: Van-Hau Pham, Hien Do Hoang, Phan Thanh Trung, Van Dinh Quoc,
Trong-Nghia To, Phan The Duy
- Abstract summary: The Raijū framework is a Reinforcement Learning-driven automation approach.
We implement two RL algorithms to train specialized agents capable of making intelligent actions.
Agents achieve over 84% of successful attacks with under 55 attack steps given.
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: In order to assess the risks of a network system, it is important to
investigate the behaviors of attackers after successful exploitation, which is
called post-exploitation. Although there are various efficient tools supporting
post-exploitation implementation, no application can automate this process.
Most of the steps of this process are completed by experts who have profound
knowledge of security, known as penetration testers or pen-testers. To this
end, our study proposes the Raijū framework, a Reinforcement Learning
(RL)-driven automation approach that assists pen-testers in quickly
implementing the process of post-exploitation for security-level evaluation in
network systems. We implement two RL algorithms, Advantage Actor-Critic (A2C)
and Proximal Policy Optimization (PPO), to train specialized agents capable of
making intelligent actions, which are Metasploit modules to automatically
launch attacks of privilege escalation, gathering hashdump, and lateral
movement. By leveraging RL, we aim to empower these agents with the ability to
autonomously select and execute actions that can exploit vulnerabilities in
target systems. This approach allows us to automate certain aspects of the
penetration testing workflow, making it more efficient and responsive to
emerging threats and vulnerabilities. The experiments are performed in four
real environments with agents trained in thousands of episodes. The agents
automatically select actions and launch attacks on the environments and achieve
over 84% of successful attacks with under 55 attack steps given. Moreover, the
A2C algorithm has proved extremely effective in the selection of proper actions
for automation of post-exploitation.
Related papers
- Auto-RT: Automatic Jailbreak Strategy Exploration for Red-Teaming Large Language Models [62.12822290276912]
Auto-RT is a reinforcement learning framework that automatically explores and optimizes complex attack strategies.
By significantly improving exploration efficiency and automatically optimizing attack strategies, Auto-RT detects a broader range of vulnerabilities, achieving a faster detection speed and 16.63% higher success rates compared to existing methods.
arXiv Detail & Related papers (2025-01-03T14:30:14Z)
- PentestAgent: Incorporating LLM Agents to Automated Penetration Testing [6.815381197173165]
Manual penetration testing is time-consuming and expensive.
Recent advancements in large language models (LLMs) offer new opportunities for enhancing penetration testing.
We propose PentestAgent, a novel LLM-based automated penetration testing framework.
arXiv Detail & Related papers (2024-11-07T21:10:39Z)
- AutoPT: How Far Are We from the End2End Automated Web Penetration Testing? [54.65079443902714]
We introduce AutoPT, an automated penetration testing agent based on the principle of PSM driven by LLMs.
Our results show that AutoPT outperforms the baseline framework ReAct on the GPT-4o mini model.
arXiv Detail & Related papers (2024-11-02T13:24:30Z)
- Breaking Agents: Compromising Autonomous LLM Agents Through Malfunction Amplification [35.16099878559559]
Large language models (LLMs) have experienced significant development and are being deployed in real-world applications.
We introduce a new type of attack that causes malfunctions by misleading the agent into executing repetitive or irrelevant actions.
Our experiments reveal that these attacks can induce failure rates exceeding 80% in multiple scenarios.
arXiv Detail & Related papers (2024-07-30T14:35:31Z)
- Can We Trust Embodied Agents? Exploring Backdoor Attacks against Embodied LLM-based Decision-Making Systems [27.316115171846953]
Large Language Models (LLMs) have shown significant promise in real-world decision-making tasks for embodied AI.
LLMs are fine-tuned to leverage their inherent common sense and reasoning abilities while being tailored to specific applications.
This fine-tuning process introduces considerable safety and security vulnerabilities, especially in safety-critical cyber-physical systems.
arXiv Detail & Related papers (2024-05-27T17:59:43Z)
- When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures.
We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN.
Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
arXiv Detail & Related papers (2023-06-09T14:33:26Z)
- Catch Me If You Can: Improving Adversaries in Cyber-Security With Q-Learning Algorithms [0.7349727826230861]
Attackers disguise their actions and launch attacks that consist of multiple actions, which are difficult to detect.
In this work, we propose a model of an attacking agent and environment and evaluate its performance using basic Q-Learning, Naive Q-learning, and DoubleQ-Learning.
Results show that the DoubleQ-Learning agent has the best overall performance rate by successfully achieving the goal in 70% of the interactions.
arXiv Detail & Related papers (2023-02-07T21:57:59Z)
- Constrained Reinforcement Learning for Robotics via Scenario-Based Programming [64.07167316957533]
It is crucial to optimize the performance of DRL-based agents while providing guarantees about their behavior.
This paper presents a novel technique for incorporating domain-expert knowledge into a constrained DRL training loop.
Our experiments demonstrate that using our approach to leverage expert knowledge dramatically improves the safety and the performance of the agent.
arXiv Detail & Related papers (2022-06-20T07:19:38Z)
- Automating Privilege Escalation with Deep Reinforcement Learning [71.87228372303453]
In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents.
We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation.
Our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
arXiv Detail & Related papers (2021-10-04T12:20:46Z)
- Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
Adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes.
We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks.
These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
arXiv Detail & Related papers (2020-08-17T07:16:57Z)
This list is automatically generated from the titles and abstracts of the papers in this site.