Advanced Breach and Attack Simulation using ML
Cybersecurity is becoming a need more than ever. Organizations need to protect their digital assets and are required to earn certifications to prove the compliance to the regulations and rules. For this, these assets must be assessed to ensure the target security posture and to get certified or pass an audit on yearly basis. This is a daunting and costly task as it often requires a third-party tester that tries to penetrate the system, under agreement. Breach and Attack Simulation is a new method that allows to do this penetration testing in-house, using some automation tools. Some of these tools can be using scripts of known attack vectors, and running them in sequence. This, however, does not cover unknown zero-day attacks. An intelligent way would be to try to account for potential attack that are unknown. We envision that using some Machine Learning techniques trained on some types of vulnerabilities can make this automation smarter.
Computer, Electrical and Mathematical Sciences and Engineering
Center Affiliation -
Resilient Computing and Cybersecurity Center
Field of Study -
Cybersecurity, Machine Learning, Deep Learning, Penetration testing
Professor, Computer Science and Director, Resilient Computing and Cybersecurity Center (Computer, Electrical and Mathematical Science and Engineering Division)
Desired Project Deliverables
The goal of this project is to experiment the use of Deep Learning or Generative Adversarial Networks as a tool to optimize the Breach and Attack Simulation. The intern will make use off-the-shelf tools that follow the same method for the detection of critical faults, e.g., memory overflows, and extend it for more security vulnerabilities (e.g., network). The objectives of the project are to understand the feasibility of ML model in optimizing BAS tools and publish the results as a paper or commercialize the project.