Automating Privilege Escalation with Deep Reinforcement Learning

Kalle Kujanpää, Willie Victor, Alexander Ilin

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review


AI-based defensive solutions are necessary to defend networks and information assets against intelligent automated attacks. Gathering enough realistic data for training machine learning-based defenses is a significant practical challenge. An intelligent red teaming agent capable of performing realistic attacks can alleviate this problem. However, there is little scientific evidence demonstrating the feasibility of fully automated attacks using machine learning. In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents. We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation. Our results show that the autonomous agent can escalate privileges in a Windows 7 environment using a wide variety of different techniques depending on the environment configuration it encounters. Hence, our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
Original languageEnglish
Title of host publicationAISec 2021 - Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security, co-located with CCS 2021
EditorsNicholas Carlini, Ambra Demontis, Yizheng Chen
Place of PublicationNew York
Number of pages12
ISBN (Electronic)9781450386579
Publication statusPublished - 15 Nov 2021
MoE publication typeA4 Article in a conference publication
EventACM Workshop on Artificial Intelligence and Security - Virtual, Online, Korea, Republic of
Duration: 15 Nov 202115 Nov 2021


WorkshopACM Workshop on Artificial Intelligence and Security
Country/TerritoryKorea, Republic of
CityVirtual, Online


Dive into the research topics of 'Automating Privilege Escalation with Deep Reinforcement Learning'. Together they form a unique fingerprint.

Cite this