Microsoft has released a cyberattack simulator (opens in new tab) that’s designed to enable security researchers to create simulated network environments in order to observe the interactions between automated Artificial Intelligence (AI)-driven attackers and defenders.
The simulator called CyberBattleSim, is available under an open source (opens in new tab) license and relies on the Python (opens in new tab)-based Open AI Gym toolkit to train the automated agents based on reinforcement learning algorithms.
“To stay ahead of adversaries, who show no restraint in adopting tools and techniques that can help them attain their goals, Microsoft continues to harness AI and machine learning to solve security challenges. One area we’ve been experimenting on is autonomous systems,” writes William Blum from Microsoft 365 (opens in new tab) Defender Research Team while introducing the simulator.
We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.
>> Click here to start the survey in a new window (opens in new tab)<<
- Protect your devices with these best antivirus software (opens in new tab)
- These are the best ransomware protection tools (opens in new tab)
- Here's our choice of the best malware removal (opens in new tab) software on the market
Blum explains that CyberBattleSim helps researchers observe and understand how a threat actor laterally spreads through a network after its initial compromise.
The simulator is part of Microsoft’s efforts to use AI and machine learning in its battle against adversaries.
Security researchers can use the open sourced simulator to create a network with several nodes along with their running services, their vulnerabilities, as well as the security mechanisms on individual nodes.
The simulator tasks the automated attackers to take ownership of as much of the network by exploiting the vulnerabilities of the nodes. Similarly, automated defenders are designed to detect the presence of the attackers and eject them from the network in order to contain the attack.
Blum hopes the security community can use this simulator to refine the use of reinforcement learning for security applications.
“With CyberBattleSim, we are just scratching the surface of what we believe is a huge potential for applying reinforcement learning to security. We invite researchers and data scientists to build on our experimentation," he concludes.
- These are some of the best endpoint protection software (opens in new tab)
Via: BleepingComputer (opens in new tab)