The rapid increase in cyber threats and the persistent challenge of limited Cybersecurity resources raise a pressing need for automation and Artificial Intelligence in Penetration Testing. With the range of different network types and configurations associated with dynamic attack sorts and strategies, there is a demand for AI-driven solutions that adapt to various situations. This paper examines two AI-driven approaches: a Large Language Model–based penetration testing agent (PenTest++) and a Reinforcement Learning agent (Cyberwheel), trained in both simulation and emulation scenarios. Our study reveals that the LLM-based agent excels at integrating current threat intelligence and adapting to emerging attack patterns. In contrast, the RL-based agent demonstrates robust performance in controlled, scenario-based environments. The comparative analysis offers valuable insights into the strengths and limitations of each approach, suggesting that a hybrid strategy may yield improved effectiveness in both real-world and controlled settings.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Penetration Testing with AI: Case Studies on LLM and RL-Based Attack Agents

  • Rui Fernandes,
  • Nuno Lopes,
  • Paulo Teixeira,
  • Joaquim Gonçalves

摘要

The rapid increase in cyber threats and the persistent challenge of limited Cybersecurity resources raise a pressing need for automation and Artificial Intelligence in Penetration Testing. With the range of different network types and configurations associated with dynamic attack sorts and strategies, there is a demand for AI-driven solutions that adapt to various situations. This paper examines two AI-driven approaches: a Large Language Model–based penetration testing agent (PenTest++) and a Reinforcement Learning agent (Cyberwheel), trained in both simulation and emulation scenarios. Our study reveals that the LLM-based agent excels at integrating current threat intelligence and adapting to emerging attack patterns. In contrast, the RL-based agent demonstrates robust performance in controlled, scenario-based environments. The comparative analysis offers valuable insights into the strengths and limitations of each approach, suggesting that a hybrid strategy may yield improved effectiveness in both real-world and controlled settings.