Successful attacks on computer networks today do not often owe their victory to directly overcoming strong security measures set up by the defender. Rather, most attacks succeed because the number of possible vulnerabilities are too large for humans to fully protect without making a mistake. Regardless of the security elsewhere, a skilled attacker can exploit a single vulnerability in a defensive system and negate the benefits of those security measures. This paper presents an evolutionary framework for evolving attacker agents in a real, emulated network environment using genetic programming, as a foundation for coevolutionary systems which can automatically discover and mitigate network security flaws. We examine network enumeration, an initial network reconnaissance step, through our framework and present results demonstrating its success, indicating a broader applicability to further cyber-security tasks.
S. Harris et al., "Evolution of Network Enumeration Strategies in Emulated Computer Networks," Proceedings of the 2018 Genetic and Evolutionary Computation Conference Companion, pp. 1640-1647, Association for Computing Machinery (ACM), Jul 2018.
The definitive version is available at https://doi.org/10.1145/3205651.3208270
2018 Genetic and Evolutionary Computation Conference, GECCO 2018 (2018: Jul. 15-19, Kyoto, Japan)
Keywords and Phrases
Genetic programming; Network emulation; Network security
International Standard Book Number (ISBN)
Article - Conference proceedings
© 2018 The Authors, All rights reserved.