Open-source simulator uses the Open AI Gym Python toolkit
Microsoft has released a cyberattack simulator that’s designed to enable security researchers to create simulated network environments in order to observe the interactions between automated Artificial Intelligence (AI)-driven attackers and defenders.
The simulator called CyberBattleSim, is available under an open source license and relies on the Python-based Open AI Gym toolkit to train the automated agents based on reinforcement learning algorithms.
“To stay ahead of adversaries, who show no restraint in adopting tools and techniques that can help them attain their goals, Microsoft continues to harness AI and machine learning to solve security challenges. One area we’ve been experimenting on is autonomous systems,” writes William Blum from Microsoft 365 Defender Research Team while introducing the simulator.
- Protect your devices with these best antivirus software
- These are the best ransomware protection tools
- Here’s our choice of the best malware removal software on the market
Blum explains that CyberBattleSim helps researchers observe and understand how a threat actor laterally spreads through a network after its initial compromise.
The simulator is part of Microsoft’s efforts to use AI and machine learning in its battle against adversaries.
Security researchers can use the open sourced simulator to create a network with several nodes along with their running services, their vulnerabilities, as well as the security mechanisms on individual nodes.
The simulator tasks the automated attackers to take ownership of as much of the network by exploiting the vulnerabilities of the nodes. Similarly, automated defenders are designed to detect the presence of the attackers and eject them from the network in order to contain the attack.
Blum hopes the security community can use this simulator to refine the use of reinforcement learning for security applications.
“With CyberBattleSim, we are just scratching the surface of what we believe is a huge potential for applying reinforcement learning to security. We invite researchers and data scientists to build on our experimentation,” he concludes.
- These are some of the best endpoint protection software