Systems and Means of Informatics
2025, Volume 35, Issue 3, pp 105-116
MODEL OF AUTOMATED ATTACK SIMULATION SYSTEM BASED ON MACHINE LEARNING
Abstract
The paper explores the application of machine learning techniques to the development of an intelligent attack simulation system designed to automate penetration testing as a part of network security assurance. Traditional penetration testing methods are often labor-intensive and require significant time and resource investment. The proposed model integrates Generative Adversarial Imitation Learning and reinforcement learning algorithms, enabling the simulation of attacker behavior and the generation of realistic scenarios that closely mimic the actions of professional security experts. A key feature of the model is the incorporation of semantic rewards which account not only for the achievement of attack objectives but also for factors such as the novelty and stealthiness of the actions. To improve adaptability in dynamic network environments, the model can be extended with dual discriminators. Additionally, support for multi-agent interaction makes it possible to simulate coordinated attacks involving multiple adversaries.
[+] References (11)
- Jaber, A., and L. Fritsch. 2022. Towards Al-powered cybersecurity attack modeling with simulation tools: Review of attack simulators. Advances in P2P, parallel, grid, cloud and internet computing. Ed. L. Barolli. Lecture notes in networks and systems ser. Cham: Springer. 571:249-257. doi: 10.1007/978-3-031-19945-5/5.
- Gavrilov, V.E., and A. A. Zatsarinny. 2018. Nekotorye sistemotekhnicheskie voprosy ispol'zovaniya intellektual'nogo analiza dannykh dlya obespecheniya zashchity informatsii v situatsionnykh tsentrakh [Regarding systemic and technical problems of applying intellectual data analysis for providing information protection in situational centers]. Sistemy i Sredstva Informatiki - Systems and Means of Informatics 28(1):89-98. doi: 10.14357/08696527180107. EDN: YVXNEH.
- Wiering, M.A., and M. Van Otterlo, eds. 2012. Reinforcement learning: State-of- the-art. Adaptation, learning, and optimization ser. Heidelberg, New York, Dordrecht, London: Springer. Vol. 12. 672 p. doi:10.1007/978-3-642-27645-3.
- Ho, J., and S. Ermon. 2016. Generative adversarial imitation learning. Adv. Neur. In. 29:4572{4580.
- Elderman, R., L. J. J. Pater, A. S. Thie, et al. 2017. Adversarial reinforcement learning in a cyber security simulation. 9th Conference (International) on Agents and Artificial Intelligence Proceedings. SciTePress. 1:559466. doi: 10.5220/0006197105590566.
- Goodfellow, I. J., J. Pouget-Abadie, M. Mirza, et al. 2014. Generative adversarial nets. Adv. Neur. In. 27:2672{2680.
- Maeda, R., and M. Mimura. 2021. Automating post-exploitation with deep reinforcement learning. Comput. Secur. 100(C):102108. 13 p. doi: 10.1016/j.cose.2020. 102108.
- Mishchenko, A. I. 2013. Mekhanizmy poiska uyazvimostey v operatsionnykh sistemakh, postroennykh na baze yadra Linux [Linux-based operating systems vulnerabilities searching methods]. Sistemy i Sredstva Informatiki - Systems and Means of Informatics 23(1):27{32. EDN: QCLUSR.
- Hu, Z., R. Beuran, and Y. Tan. 2020. Automated penetration testing using deep reinforcement learning. European Symposium on Security and Privacy Workshops Proceedings. IEEE. 240. doi: 10.1109/EuroSPW51379.2020.00010.
- Chaudhary, S., A. O'Brien, and S. Xu. 2020. Automated post-breach penetration testing through reinforcement learning. Conference on Communications and Network Security Proceedings. IEEE. Art. 9162301. 2 p. doi: 10.1109/CNS48642.2020.9162301.
- Nguyen, T.D., T. Le, H. Vu, and D. Phung. 2017. Dual discriminator generative adversarial nets. Adv. Neur. In. 30:2671{2681.
[+] About this article
Title
MODEL OF AUTOMATED ATTACK SIMULATION SYSTEM BASED ON MACHINE LEARNING
Journal
Systems and Means of Informatics
Volume 35, Issue 3, pp 105-116
Cover Date
2025-11-10
DOI
10.14357/08696527250307
Print ISSN
0869-6527
Publisher
Institute of Informatics Problems, Russian Academy of Sciences
Additional Links
Key words
information security; generative adversarial imitation learning; attack simulation; machine learning
Authors
M. M. Grekov 
Author Affiliations
Tula State University, 92 Lenina Ave., Tula 300012, Russian Federation
|