Reinforcement learning for efficient network penetration testing

Ghanem, Mohamed Chahine and Chen, Thomas (2020) Reinforcement learning for efficient network penetration testing. Information, 11 (1 [6]). ISSN 2078-2489

information-11-00006-v2.pdf - Published Version
Available under License Creative Commons Attribution 4.0.

Download (866kB) | Preview
Official URL:

Abstract / Description

Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the defenses of a computer network by planning and executing all possible attacks to discover and exploit existing vulnerabilities. Current penetration testing methods are increasingly becoming non-standard, composite and resource-consuming despite the use of evolving tools. In this paper, we propose and evaluate an AI-based pentesting system which makes use of machine learning techniques, namely reinforcement learning (RL) to learn and reproduce average and complex pentesting activities. The proposed system is named Intelligent Automated Penetration Testing System (IAPTS) consisting of a module that integrates with industrial PT frameworks to enable them to capture information, learn from experience, and reproduce tests in future similar testing cases. IAPTS aims to save human resources while producing much-enhanced results in terms of time consumption, reliability and frequency of testing. IAPTS takes the approach of modeling PT environments and tasks as a partially observed Markov decision process (POMDP) problem which is solved by POMDP-solver. Although the scope of this paper is limited to network infrastructures PT planning and not the entire practice, the obtained results support the hypothesis that RL can enhance PT beyond the capabilities of any human PT expert in terms of time consumed, covered attacking vectors, accuracy and reliability of the outputs. In addition, this work tackles the complex problem of expertise capturing and re-use by allowing the IAPTS learning module to store and re-use PT policies in the same way that a human PT expert would learn but in a more efficient way.

Item Type: Article
Additional Information: This article belongs to the Special Issue Machine Learning for Cyber-Security
Uncontrolled Keywords: penetration testing; artificial intelligence; machine learning; reinforcement learning; network security auditing; offensive cyber-security; vulnerability assessment
Subjects: 000 Computer science, information & general works
Department: School of Computing and Digital Media
Depositing User: Dr Mohamed Chahine Ghanem
Date Deposited: 14 Oct 2022 08:44
Last Modified: 20 Nov 2023 10:05


Downloads per month over past year

Downloads each year

Actions (login required)

View Item View Item