ÌìÃÀ´«Ã½

Newswise — Researchers from Zhongguancun Laboratory, Zhejiang Lab, the National Research Centre of Parallel Computer Engineering and Technology, Beijing Normal University, and Tsinghua University have jointly developed an advanced AI-driven system called CLAP. This effort significantly improves automated penetration testing for large-scale computer networks, enhancing the accuracy and speed of identifying cybersecurity vulnerabilities.

Automating Cyber Defense

Automated penetration testing is crucial for safeguarding digital infrastructure, from enterprise networks to government systems. Traditionally, such testing relies heavily on human experts, making it costly, inconsistent, and slow. CLAP’s innovative reinforcement learning approach solves these issues by automating and optimizing the testing process.

Uncovering Hidden Vulnerabilities

Imagine the cybersecurity assessment process as exploring a vast, complex city to locate hidden vulnerabilities. Traditional automated methods are like drivers repeatedly using the same main roads, missing problems hidden in side streets or new neighborhoods. In contrast, CLAP behaves like an experienced city guide, continuously mapping unvisited streets and neighborhoods, effectively identifying risks in areas previously overlooked.

Reduces Steps and Expands Cybersecurity Reach

The key outcomes of this research demonstrate CLAP’s significant advantages over existing methods, including a nearly 35% reduction in the steps required to identify network vulnerabilities compared to current systems like HDSPI-DQN, HA-DQN, and DUSC-DQN. Moreover, CLAP effectively assesses much larger networks—up to 500 hosts—far beyond the scale manageable by existing technologies, typically limited to around 100 hosts. Additionally, the diverse testing strategies produced by CLAP enable broader, more thorough security assessments, ensuring comprehensive protection of critical networks.

“CLAP not only underscores the transformative potential of deep reinforcement learning in cybersecurity but also sets a new standard for automated defense systems. We are confident that CLAP will improve how organizations protect their digital assets, driving a paradigm shift in the battle against emerging cyber threats,” said Prof. Zuoning Chen, lead researcher.

The Coverage Mechanism and Chebyshev Critic Elevate Testing Strategies

The researchers utilized AI technology, featuring a unique “coverage mechanism” that mimics expert cybersecurity testers by prioritizing unexplored network areas. Additionally, they introduced the “Chebyshev critic,” enabling diverse and effective testing strategies without manually set parameters.

This joint research effort from prominent institutions represents a significant advancement in cybersecurity, offering practical solutions to secure increasingly vast and intricate global digital infrastructures.  The complete study is accessible via DOI: 10.1007/s11704-024-3380-1.