
Sara Farmer_Reinforcement Learning for Autonomous Resilient Cyber Defence.pdf

Uploaded by: Zhang** ID: 175462 2024-09-13 25 pages 1.99 MB

#BHUSA BlackHatEvents

Reinforcement Learning for Autonomous Resilient Cyber Defence
Ian Miles, Sara Farmer
arcdfnc.co.uk
Frazer-Nash Reference: 016273-146560V

Briefing Contributors
Ian
Sara

Autonomous Resilient Cyber Defence
UK ARCD program
Mission:
Machine speed cyber response & recovery on military platforms & systems
Defending IT & OT systems
Goals:
Understand & demonstrate Autonomous Cyber Defence (ACD)
Build national skills & knowledge
100+ projects, 4 years
Because
Not enough cyber responders
Not enough personnel
No cyber defenders at tactical edge
Military operator overload
Machine speed attacks
Volume, velocity, variety
SOAR limitations
Context awareness, mission awareness

ARCD Ecosystem
Leads
Defence Science & Technology Laboratory: Customer
Frazer-Nash Consultancy: ARCD Concepts
QinetiQ: ARCD Test & Evaluation
Alan Turing Institute: Fundamental Research
Partnerships
ML Experts
Cyber Defence Experts
Unicorn image:
UK Supply Chain
200 suppliers registered to view opportunities

ARCD Research
Cyber Threat Detection
Cyber Situational Awareness
Autonomous Machine Speed Response & Recovery
Integration
Fundamental Research
Focus of this Briefing
Governance & Assurance
Image: www.nist.gov/cyberframework

ACD: Autonomous Cyber Defence
Trains and deploys blue (defense) cyber agents
Rule-based or probabilistic reasoning
Observing a cyber environment
Capable of detecting an attack
Inputs = converted infosec feeds (pcaps etc)
Acting in a cyber environment
Respond or recover in real time
Acts, or suggests actions to humans
Autonomous Cyber Operations (ACO) trains both blue and red (attacker) agents
Image: CAGE4 challenge

Training Defence Agents
Learning algorithms
RL: PPO, DQN, DDQN,

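This document presents the research progress and results of the UK Autonomous Resilient Cyber Defence (ARCD) programme. The programme aims to achieve autonomous, rapid response to and recovery from cyber attacks, protecting military platforms and systems and defending IT and OT systems. Because of the shortage of cyber security personnel, the programme uses reinforcement learning (RL), training blue (defensive) cyber agents to counter machine-speed attacks. The research shows that RL agents outperform rule-based agents in complex scenarios. In addition, training on 80 tactical network simulations generated by GPT4, combined with deep RL and graph neural networks, improved the agents' ability to generalise. The programme also studied adversarial learning in order to train blue agents able to defend against novel attacks. Key results include: strengthening UK cyber security/AI and MLSec capability; achieving end-to-end real-time defence; developing multiple innovative techniques; and the first deployment of ACD on a real military OT system. Future work will focus on increasing maturity, integrating Cyber Situational Awareness tools, conducting red-team exercises and user trials, and exploring new ML approaches, among others.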