Cyber security evaluation is often carried out through security professionals mounting a "simulated" attack on the target network in order to find its weaknesses. The goal of this project is to automate some of this process, using AI planning techniques. From an attacker's point of view, the planning problem features uncertainty (the attacker has a limited view of what is on a network or host) and multiple criteria to optimise (speed, stealth, effort, etc). Challenges in making this work are many: How to derive planning models from the information about security vulnerabilities that is available, and how to obtain realistic estimates of the information that is not? How to exploit the structure of the problem to achieve both scalable planning (making plans for networks with hundreds or thousands of hosts) while making realistic assumptions. Finally, many types of cyber attacks are not only technical but target people's and organisation's vulnerabilities. How to incorporate those in a planning model is one more open research question.
- Hoffmann. Simulated Penetration Testing: From "Dijkstra" to "Turing Test++". Invited talk at ICAPS 2015.
- Boddy, Gohde, Haigh and Harp. Course of Action Generation for Cyber Security Using Classical Planning. ICAPS 2005.
- Carlos Sarraute. Automated Attack Planning. PhD thesis, 2012.
- Trevizan, Thiébaux and Haslum. Occupation Measure Heuristics for Probabilistic Planning. ICAPS 2017.