Skip to main content

Microsoft launches cyberattack simulator to help you check your defenses

representational image of a cloud firewall
(Image credit: Pixabay)
Audio player loading…

Microsoft has released a cyberattack simulator (opens in new tab) that’s designed to enable security researchers to create simulated network environments in order to observe the interactions between automated Artificial Intelligence (AI)-driven attackers and defenders.

The simulator called CyberBattleSim, is available under an open source (opens in new tab) license and relies on the Python (opens in new tab)-based Open AI Gym toolkit to train the automated agents based on reinforcement learning algorithms.

“To stay ahead of adversaries, who show no restraint in adopting tools and techniques that can help them attain their goals, Microsoft continues to harness AI and machine learning to solve security challenges. One area we’ve been experimenting on is autonomous systems,” writes William Blum from Microsoft 365 (opens in new tab) Defender Research Team while introducing the simulator.

TechRadar needs yo...

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window (opens in new tab)<<

Game on

Blum explains that CyberBattleSim helps researchers observe and understand how a threat actor laterally spreads through a network after its initial compromise.

The simulator is part of Microsoft’s efforts to use AI and machine learning in its battle against adversaries. 

Security researchers can use the open sourced simulator to create a network with several nodes along with their running services, their vulnerabilities, as well as the security mechanisms on individual nodes.

The simulator tasks the automated attackers to take ownership of as much of the network by exploiting the vulnerabilities of the nodes. Similarly, automated defenders are designed to detect the presence of the attackers and eject them from the network in order to contain the attack.

Blum hopes the security community can use this simulator to refine the use of reinforcement learning for security applications. 

“With CyberBattleSim, we are just scratching the surface of what we believe is a huge potential for applying reinforcement learning to security. We invite researchers and data scientists to build on our experimentation," he concludes.

Via: BleepingComputer (opens in new tab)

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.