Paper Title
Reinforcement Learning Agents for Autonomous Penetration Testing

Abstract
In this work, we intend to study and modify Reinforcement Learning (RL) for automated penetration testing, with the goal of overcoming the limitations of traditional methods. Three RL models, DQN, DDPG, and AE-DDPG, are analyzed in a simulated network environment. The MulVAL attack-graph generator is used to identify attack paths in the environment, which are then fed as simplified inputs to the models. INNES, through its noise addition, enhances exploration, improves sample efficiency, and promotes diverse exploration within the attack graph. From our study, AE-DDPG emerges as the top performer, achieving the highest average reward and the fastest convergence, outperforming the other models in effectiveness and adaptability to network changes. Despite its longer path lengths, the model-free algorithm AE-DDPG allows for more diverse and effective attack path identification, thereby enhancing the model’s vulnerability discovery in complex environments. This analysis indicates the potential for RL to improve the efficiency and effectiveness of pentesting and also gives reassurance about the adaptability of AE-DDPG to network changes, making it a reliable choice for dynamic environments.

Keywords: Reinforcement Learning, Penetration Testing, MulVAL, WIFI, Vulnerability.