CLAP, an AI-based tool, uses reinforcement learning to automate penetration testing—reducing test steps by 35% and scaling to networks with up to 500 hosts.
Researchers have developed an AI-driven system called CLAP that significantly improves automated penetration testing for large-scale computer networks, enhancing the accuracy and speed of identifying cybersecurity vulnerabilities.
Automated penetration testing is crucial for safeguarding digital infrastructure. Traditionally, such testing relies heavily on human experts, making it costly, inconsistent, and slow. CLAP’s innovative reinforcement learning approach solves these issues by automating and optimizing the testing process.
The system was developed by researchers from Zhongguancun Laboratory, Zhejiang Lab, the National Research Centre of Parallel Computer Engineering and Technology, Beijing Normal University, and Tsinghua University.
Uncovering Hidden Vulnerabilities
Imagine the cybersecurity assessment process as exploring a vast, complex city to locate hidden vulnerabilities. Traditional automated methods are like drivers repeatedly using the same main roads, missing problems hidden in side streets or new neighborhoods. In contrast, CLAP behaves like an experienced city guide, continuously mapping unvisited streets and neighborhoods, effectively identifying risks in areas previously overlooked.
The key outcomes of this research demonstrate CLAP’s significant advantages over existing methods, including a nearly 35% reduction in the steps required to identify network vulnerabilities compared to current systems like HDSPI-DQN, HA-DQN, and DUSC-DQN.
Moreover, CLAP effectively assesses much larger networks—up to 500 hosts—far beyond the scale manageable by existing technologies, typically limited to around 100 hosts. Additionally, the diverse testing strategies produced by CLAP enable broader, more thorough security assessments, ensuring comprehensive protection of critical networks.
“CLAP not only underscores the transformative potential of deep reinforcement learning in cybersecurity but also sets a new standard for automated defense systems. We are confident that CLAP will improve how organizations protect their digital assets, driving a paradigm shift in the battle against emerging cyber threats,” says Zuoning Chen, lead researcher, in a release.
The Coverage Mechanism and ‘Chebyshev Critic’ Elevate Testing Strategies
The researchers used AI technology featuring a unique “coverage mechanism” that mimics expert cybersecurity testers by prioritizing unexplored network areas. They also introduced the “Chebyshev critic,” which enables diverse and effective testing strategies without manually set parameters.
This joint research effort was published in Frontiers of Computer Science. According to the researchers, it represents an advancement in cybersecurity, offering practical solutions to secure increasingly vast and intricate global digital infrastructures.
Photo caption: Penetration testing as a sequential decision-making process
Photo credit: Yizhou Yang