Cybercriminals never rest. That is why cybersecurity professionals foresee possible danger scenarios and thus prepare for them. In this regard, Microsoft launched a cyberattack simulator in order to help cyber defenders anticipate risky situations.
But what is a cyberattack simulator?
On the other hand, cyberattack simulators are unknown. However, the simulator developed by Microsoft was previously used in robotics, control systems and video games. Its name is CyberBattleSim and it is based on the Open AI Gym toolkit (based on Python). It is also available under an open source license on GitHub.
Its main goal is to help cyber security officers create simulated network environments. There they will see the interactions of attackers and defenders.These are powered by Artificial Intelligence (AI). Reinforcement researchers will be able to develop, train and evaluate new algorithms to train autonomous agents in these environments.
How do I use the simulator?
On the other hand, CyberBattleSim works easily. First, researchers use the open source simulator to create a network with different nodes. In addition to their running services, their vulnerabilities and the security mechanisms on individual nodes.
After this, the simulator instructs automated attackers to conquer the majority of the network. In this conquest their goal will be to exploit the vulnerabilities of the nodes. In turn, the automated defenders detect the attackers, expel them and thus stop the attack. With this mechanism, they expect practitioners to refine the use of reinforcement learning. And thus apply it to the field of cybersecurity
With CyberBattleSim, we are just scratching the surface of what we believe is the enormous potential for applying reinforcement learning to security
William Blum
Finally, Microsoft expects researchers and cybersecurity professionals to take advantage of this tool. William Blum of the Microsoft 365 Defender research team says: “With CyberBattleSim, we are just scratching the surface of what we believe is the enormous potential for applying reinforcement learning to security. We invite researchers and data scientists to take advantage of our experimentation.”
