Crown Jewels Analysis using Reinforcement Learning with Attack Graphs

Add code
Aug 20, 2021
Rohit Gangupantulu, Tyler Cody, Abdul Rahman, Christopher Redino, Ryan Clark, Paul Park
Figure 1 for Crown Jewels Analysis using Reinforcement Learning with Attack Graphs
Figure 2 for Crown Jewels Analysis using Reinforcement Learning with Attack Graphs
Figure 3 for Crown Jewels Analysis using Reinforcement Learning with Attack Graphs
Figure 4 for Crown Jewels Analysis using Reinforcement Learning with Attack Graphs

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Cyber attacks pose existential threats to nations and enterprises. Current practice favors piece-wise analysis using threat-models in the stead of rigorous cyber terrain analysis and intelligence preparation of the battlefield. Automated penetration testing using reinforcement learning offers a new and promising approach for developing methodologies that are driven by network structure and cyber terrain, that can be later interpreted in terms of threat-models, but that are principally network-driven analyses. This paper presents a novel method for crown jewel analysis termed CJA-RL that uses reinforcement learning to identify key terrain and avenues of approach for exploiting crown jewels. In our experiment, CJA-RL identified ideal entry points, choke points, and pivots for exploiting a network with multiple crown jewels, exemplifying how CJA-RL and reinforcement learning for penetration testing generally can benefit computer network operations workflows.

View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon