TY - GEN
T1 - Towards a High Fidelity Training Environment for Autonomous Cyber Defense Agents
AU - Oesch, Sean
AU - Chaulagain, Amul
AU - Weber, Brian
AU - Dixson, Matthew
AU - Sadovnik, Amir
AU - Roberson, Benjamin
AU - Watson, Cory
AU - Austria, Phillipe
N1 - Publisher Copyright:
© 2024 Public Domain.
PY - 2024/8/13
Y1 - 2024/8/13
N2 - Cyber defenders are overwhelmed by the frequency and scale of attacks against their networks. This problem will only be exacerbated as attackers leverage AI to automate their workflows. Autonomous cyber defense capabilities could aid defenders by automating operations and adapting dynamically to novel threats. However, existing training environments fall short in areas such as generalization, explainability, scalability, and transferability, making it intractable to train agents that will be effective in real networks. In this paper we take an important step towards creating autonomous cyber defense agents - we present a high fidelity training environment called Cyberwheel that includes both simulation and emulation capabilities. Cyberwheel simplifies customization of the training network and easily allows redefining the agent's reward function, observation space, and action space to support rapid experimentation of novel approaches to agent design. It also provides visibility into agent behaviors necessary for agent evaluation and sufficient documentation / examples to lower the barrier to entry. As an example use case of Cyberwheel, we present initial results training an autonomous agent to deploy cyber deception strategies in simulation.
AB - Cyber defenders are overwhelmed by the frequency and scale of attacks against their networks. This problem will only be exacerbated as attackers leverage AI to automate their workflows. Autonomous cyber defense capabilities could aid defenders by automating operations and adapting dynamically to novel threats. However, existing training environments fall short in areas such as generalization, explainability, scalability, and transferability, making it intractable to train agents that will be effective in real networks. In this paper we take an important step towards creating autonomous cyber defense agents - we present a high fidelity training environment called Cyberwheel that includes both simulation and emulation capabilities. Cyberwheel simplifies customization of the training network and easily allows redefining the agent's reward function, observation space, and action space to support rapid experimentation of novel approaches to agent design. It also provides visibility into agent behaviors necessary for agent evaluation and sufficient documentation / examples to lower the barrier to entry. As an example use case of Cyberwheel, we present initial results training an autonomous agent to deploy cyber deception strategies in simulation.
KW - Autonomous Cybersecurity Reinforcement learning
UR - http://www.scopus.com/inward/record.url?scp=85201411827&partnerID=8YFLogxK
U2 - 10.1145/3675741.3675752
DO - 10.1145/3675741.3675752
M3 - Conference contribution
AN - SCOPUS:85201411827
T3 - ACM International Conference Proceeding Series
SP - 91
EP - 99
BT - Proceedings of CSET 2024 - 17th Cyber Security Experimentation and Test Workshop
PB - Association for Computing Machinery
T2 - 17th Cyber Security Experimentation and Test Workshop, CSET 2024
Y2 - 13 August 2024
ER -