Incorporating Deception into CyberBattleSim for Autonomous Defense

08/31/2021
by   Erich Walter, et al.
0

Deceptive elements, including honeypots and decoys, were incorporated into the Microsoft CyberBattleSim experimentation and research platform. The defensive capabilities of the deceptive elements were tested using reinforcement learning based attackers in the provided capture the flag environment. The attacker's progress was found to be dependent on the number and location of the deceptive elements. This is a promising step toward reproducibly testing attack and defense algorithms in a simulated enterprise network with deceptive defensive elements.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset