Reinforcement Learning for Automated Cybersecurity Penetration Testing
- URL: http://arxiv.org/abs/2507.02969v1
- Date: Mon, 30 Jun 2025 15:06:17 GMT
- Title: Reinforcement Learning for Automated Cybersecurity Penetration Testing
- Authors: Daniel López-Montero, José L. Álvarez-Aldana, Alicia Morales-Martínez, Marta Gil-López, Juan M. Auñón García,
- Abstract summary: Reinforcement Learning is proposed to select and prioritize tools and optimize the testing path.<n>The validation and testing process was conducted on real-world vulnerable web pages commonly used by human hackers for learning.
- Score: 0.0
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: This paper aims to provide an innovative machine learning-based solution to automate security testing tasks for web applications, ensuring the correct functioning of all components while reducing project maintenance costs. Reinforcement Learning is proposed to select and prioritize tools and optimize the testing path. The presented approach utilizes a simulated webpage along with its network topology to train the agent. Additionally, the model leverages Geometric Deep Learning to create priors that reduce the search space and improve learning convergence. The validation and testing process was conducted on real-world vulnerable web pages commonly used by human hackers for learning. As a result of this study, a reinforcement learning algorithm was developed that maximizes the number of vulnerabilities found while minimizing the number of steps required
Related papers
- Onboard Optimization and Learning: A Survey [10.511932152633253]
Onboard learning is a transformative approach in edge AI, enabling real-time data processing, decision-making, and adaptive model training directly on resource-constrained devices.<n>However, onboard learning faces challenges such as limited computational resources, high inference costs, and security vulnerabilities.<n>This survey explores techniques that optimize model efficiency, accelerate inference, and support collaborative learning across distributed devices.
arXiv Detail & Related papers (2025-05-07T07:47:14Z) - Machine Learning Insides OptVerse AI Solver: Design Principles and
Applications [74.67495900436728]
We present a comprehensive study on the integration of machine learning (ML) techniques into Huawei Cloud's OptVerse AI solver.
We showcase our methods for generating complex SAT and MILP instances utilizing generative models that mirror multifaceted structures of real-world problem.
We detail the incorporation of state-of-the-art parameter tuning algorithms which markedly elevate solver performance.
arXiv Detail & Related papers (2024-01-11T15:02:15Z) - Using Machine Learning To Identify Software Weaknesses From Software
Requirement Specifications [49.1574468325115]
This research focuses on finding an efficient machine learning algorithm to identify software weaknesses from requirement specifications.
Keywords extracted using latent semantic analysis help map the CWE categories to PROMISE_exp. Naive Bayes, support vector machine (SVM), decision trees, neural network, and convolutional neural network (CNN) algorithms were tested.
arXiv Detail & Related papers (2023-08-10T13:19:10Z) - Constrained Adversarial Learning for Automated Software Testing: a literature review [0.0]
This literature review is focused on the current state-of-the-art of constrained data generation approaches applied for adversarial learning and software testing.<n>The advantages and limitations of those specific for white-box, grey-box, and black-box testing were analyzed.
arXiv Detail & Related papers (2023-03-14T00:27:33Z) - Backdoor Attack Detection in Computer Vision by Applying Matrix
Factorization on the Weights of Deep Networks [6.44397009982949]
We introduce a novel method for backdoor detection that extracts features from pre-trained DNN's weights.
In comparison to other detection techniques, this has a number of benefits, such as not requiring any training data.
Our method outperforms the competing algorithms in terms of efficiency and is more accurate, helping to ensure the safe application of deep learning and AI.
arXiv Detail & Related papers (2022-12-15T20:20:18Z) - Evaluating Model-free Reinforcement Learning toward Safety-critical
Tasks [70.76757529955577]
This paper revisits prior work in this scope from the perspective of state-wise safe RL.
We propose Unrolling Safety Layer (USL), a joint method that combines safety optimization and safety projection.
To facilitate further research in this area, we reproduce related algorithms in a unified pipeline and incorporate them into SafeRL-Kit.
arXiv Detail & Related papers (2022-12-12T06:30:17Z) - Design Automation for Fast, Lightweight, and Effective Deep Learning
Models: A Survey [53.258091735278875]
This survey covers studies of design automation techniques for deep learning models targeting edge computing.
It offers an overview and comparison of key metrics that are used commonly to quantify the proficiency of models in terms of effectiveness, lightness, and computational costs.
The survey proceeds to cover three categories of the state-of-the-art of deep model design automation techniques.
arXiv Detail & Related papers (2022-08-22T12:12:43Z) - Constrained Reinforcement Learning for Robotics via Scenario-Based
Programming [64.07167316957533]
It is crucial to optimize the performance of DRL-based agents while providing guarantees about their behavior.
This paper presents a novel technique for incorporating domain-expert knowledge into a constrained DRL training loop.
Our experiments demonstrate that using our approach to leverage expert knowledge dramatically improves the safety and the performance of the agent.
arXiv Detail & Related papers (2022-06-20T07:19:38Z) - Recursive Least-Squares Estimator-Aided Online Learning for Visual
Tracking [58.14267480293575]
We propose a simple yet effective online learning approach for few-shot online adaptation without requiring offline training.
It allows an in-built memory retention mechanism for the model to remember the knowledge about the object seen before.
We evaluate our approach based on two networks in the online learning families for tracking, i.e., multi-layer perceptrons in RT-MDNet and convolutional neural networks in DiMP.
arXiv Detail & Related papers (2021-12-28T06:51:18Z) - Deep Q-Learning based Reinforcement Learning Approach for Network
Intrusion Detection [1.7205106391379026]
We introduce a new generation of network intrusion detection methods that combines a Q-learning-based reinforcement learning with a deep-feed forward neural network method for network intrusion detection.
Our proposed Deep Q-Learning (DQL) model provides an ongoing auto-learning capability for a network environment.
Our experimental results show that our proposed DQL is highly effective in detecting different intrusion classes and outperforms other similar machine learning approaches.
arXiv Detail & Related papers (2021-11-27T20:18:00Z) - Deep hierarchical reinforcement agents for automated penetration testing [0.0]
This paper presents a novel deep reinforcement learning architecture with hierarchically structured agents called HA-DRL.
The proposed architecture is shown to find the optimal attacking policy faster and more stably than a conventional deep Q-learning agent.
arXiv Detail & Related papers (2021-09-14T05:28:22Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.