Discover the Hidden Attack Path in Multi-domain Cyberspace Based on Reinforcement Learning
This addresses cybersecurity configuration analysis for multi-domain networks, but it appears incremental as it builds on existing RL approaches with specific modules.
The paper tackles the problem of discovering hidden attack paths in multi-domain cyberspace by formulating it as a reinforcement learning problem, resulting in a method that finds more hidden and shorter attack paths than baseline methods.
In this work, we present a learning-based approach to analysis cyberspace security configuration. Unlike prior methods, our approach has the ability to learn from past experience and improve over time. In particular, as we train over a greater number of agents as attackers, our method becomes better at discovering hidden attack paths for previously methods, especially in multi-domain cyberspace. To achieve these results, we pose discovering attack paths as a Reinforcement Learning (RL) problem and train an agent to discover multi-domain cyberspace attack paths. To enable our RL policy to discover more hidden attack paths and shorter attack paths, we ground representation introduction an multi-domain action select module in RL. Our objective is to discover more hidden attack paths and shorter attack paths by our proposed method, to analysis the weakness of cyberspace security configuration. At last, we designed a simulated cyberspace experimental environment to verify our proposed method, the experimental results show that our method can discover more hidden multi-domain attack paths and shorter attack paths than existing baseline methods.