Cyber Agents for Security Testing and Learning Environments (CASTLE)
Abstract
The Cyber Agents for Security Testing and Learning Environments (CASTLE) program is developing an Artificial Intelligence (AI) toolkit to instantiate realistic network environments and train AI cyber agents to enable resilient network operations against advanced persistent threats (APTs). CASTLE formulates network hardening as a reinforcement learning (RL) problem and teaches RL agents to operate through the post-breach behavior of widely available penetration testing tools. Over progressive rounds of attack and defense, agents explore defensive actions to proactively stop on-going attacks while maintaining operationally relevant workflows. Environments execute agents inside instrumented subnets that are deployed to live networks and will simulate defensive actions that counter APT tools. Agent execution will produce calibrated datasets for progressively improving simulations. The defensive AI cyber agents developed under CASTLE will provide the DoD with continual security assessments of critical networks and real-time response to cyber attacks.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2025
- Source ID
- 0de22aaa5e7926b0142be690ada21cdf