Cyber Agents for Security Testing and Learning Environments (CASTLE)
Abstract
The Cyber Agents for Security Testing and Learning Environments (CASTLE) program, expanding on approaches initiated in the Cyber-Hunting at Scale (CHASE) program (PE 0602303E, Project IT-03), will develop an AI-toolkit to instantiate realistic network environments and train cyber agents to enable resilient network operations against advanced persistent threats (APTs). CASTLE will formulate network hardening as a reinforcement learning (RL) problem and teach RL agents to operate through the post-breach behavior of widely available penetration testing tools. Over progressive rounds of attack and defense, agents will explore defensive actions to proactively stop on-going attacks while maintaining operationally relevant workflows. Environments will execute agents inside instrumented subnets that are deployed to live networks and will simulate defensive actions that counter APT tools. Agent execution will produce calibrated datasets for progressively improving simulations. The defensive cyber agents developed under CASTLE will provide the DoD with continual security assessments of critical networks and real-time response to cyber attacks.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2024
- Source ID
- e54cb69a4b2024b605dfe6c50de221bd