Weakness Analysis of Cyberspace Configuration Based on Reinforcement Learning

TL;DR

This paper introduces a reinforcement learning-based method for analyzing cyberspace configurations, capable of discovering hidden attack paths across multiple domains by learning from past experiences and improving over time.

Contribution

It presents a novel RL approach with a multiple domain action module to effectively identify hidden attack paths in cyberspace configurations, outperforming existing methods.

Findings

Finds more hidden attack paths than baseline methods.

Improves attack path discovery with increased training.

Effective in multi-domain cyberspace environments.

Abstract

In this work, we present a learning-based approach to analysis cyberspace configuration. Unlike prior methods, our approach has the ability to learn from past experience and improve over time. In particular, as we train over a greater number of agents as attackers, our method becomes better at rapidly finding attack paths for previously hidden paths, especially in multiple domain cyberspace. To achieve these results, we pose finding attack paths as a Reinforcement Learning (RL) problem and train an agent to find multiple domain attack paths. To enable our RL policy to find more hidden attack paths, we ground representation introduction an multiple domain action select module in RL. By designing a simulated cyberspace experimental environment to verify our method. Our objective is to find more hidden attack paths, to analysis the weakness of cyberspace configuration. The experimental results show that our method can find more hidden multiple domain attack paths than existing baselines methods.