{"id":"https://openalex.org/W4405439851","doi":"https://doi.org/10.1109/tdsc.2024.3518500","title":"APRIL: Towards Scalable and Transferable Autonomous Penetration Testing in Large Action Space via Action Embedding","display_name":"APRIL: Towards Scalable and Transferable Autonomous Penetration Testing in Large Action Space via Action Embedding","publication_year":2024,"publication_date":"2024-12-16","ids":{"openalex":"https://openalex.org/W4405439851","doi":"https://doi.org/10.1109/tdsc.2024.3518500"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2024.3518500","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3518500","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5033311619","display_name":"Shicheng Zhou","orcid":"https://orcid.org/0000-0001-9686-3836"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shicheng Zhou","raw_affiliation_strings":["College of Electronic Engineering, National University of Defense Technology, Hefei, China"],"raw_orcid":"https://orcid.org/0000-0001-9686-3836","affiliations":[{"raw_affiliation_string":"College of Electronic Engineering, National University of Defense Technology, Hefei, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045045561","display_name":"Jingju Liu","orcid":"https://orcid.org/0009-0005-9506-6903"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jingju Liu","raw_affiliation_strings":["College of Electronic Engineering, National University of Defense Technology, Hefei, China"],"raw_orcid":"https://orcid.org/0009-0005-9506-6903","affiliations":[{"raw_affiliation_string":"College of Electronic Engineering, National University of Defense Technology, Hefei, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089358541","display_name":"Yuliang Lu","orcid":"https://orcid.org/0000-0002-8502-9907"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuliang Lu","raw_affiliation_strings":["College of Electronic Engineering, National University of Defense Technology, Hefei, China"],"raw_orcid":"https://orcid.org/0000-0002-8502-9907","affiliations":[{"raw_affiliation_string":"College of Electronic Engineering, National University of Defense Technology, Hefei, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023416195","display_name":"Jiahai Yang","orcid":"https://orcid.org/0000-0001-6109-6737"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiahai Yang","raw_affiliation_strings":["Institute for Network Sciences and Cyberspace and the Beijing National Research Center for Information Science and Technology, Tsinghua University, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-6109-6737","affiliations":[{"raw_affiliation_string":"Institute for Network Sciences and Cyberspace and the Beijing National Research Center for Information Science and Technology, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060691225","display_name":"Dongdong Hou","orcid":"https://orcid.org/0000-0002-4400-4295"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dongdong Hou","raw_affiliation_strings":["College of Electronic Engineering, National University of Defense Technology, Hefei, China"],"raw_orcid":"https://orcid.org/0000-0002-4400-4295","affiliations":[{"raw_affiliation_string":"College of Electronic Engineering, National University of Defense Technology, Hefei, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Yue Zhang","orcid":"https://orcid.org/0009-0007-3570-2132"},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yue Zhang","raw_affiliation_strings":["College of Computer Science and Technology, National University of Defense Technology, Changsha, China"],"raw_orcid":"https://orcid.org/0009-0007-3570-2132","affiliations":[{"raw_affiliation_string":"College of Computer Science and Technology, National University of Defense Technology, Changsha, China","institution_ids":["https://openalex.org/I170215575"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088071538","display_name":"Shulong Hu","orcid":null},"institutions":[{"id":"https://openalex.org/I170215575","display_name":"National University of Defense Technology","ror":"https://ror.org/05d2yfz11","country_code":"CN","type":"education","lineage":["https://openalex.org/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shulong Hu","raw_affiliation_strings":["College of Electronic Engineering, National University of Defense Technology, Hefei, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"College of Electronic Engineering, National University of Defense Technology, Hefei, China","institution_ids":["https://openalex.org/I170215575"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.8328,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.88070258,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":"22","issue":"3","first_page":"2443","last_page":"2459"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9901000261306763,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9901000261306763,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9861000180244446,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10812","display_name":"Human Pose and Action Recognition","score":0.9661999940872192,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6800773739814758},{"id":"https://openalex.org/keywords/embedding","display_name":"Embedding","score":0.6392747759819031},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5533287525177002},{"id":"https://openalex.org/keywords/penetration","display_name":"Penetration (warfare)","score":0.5325376391410828},{"id":"https://openalex.org/keywords/action","display_name":"Action (physics)","score":0.5113531947135925},{"id":"https://openalex.org/keywords/space","display_name":"Space (punctuation)","score":0.4223945736885071},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.1614057719707489},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.09725022315979004},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.09476393461227417},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.06920060515403748},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.05892375111579895}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6800773739814758},{"id":"https://openalex.org/C41608201","wikidata":"https://www.wikidata.org/wiki/Q980509","display_name":"Embedding","level":2,"score":0.6392747759819031},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5533287525177002},{"id":"https://openalex.org/C80107235","wikidata":"https://www.wikidata.org/wiki/Q7162625","display_name":"Penetration (warfare)","level":2,"score":0.5325376391410828},{"id":"https://openalex.org/C2780791683","wikidata":"https://www.wikidata.org/wiki/Q846785","display_name":"Action (physics)","level":2,"score":0.5113531947135925},{"id":"https://openalex.org/C2778572836","wikidata":"https://www.wikidata.org/wiki/Q380933","display_name":"Space (punctuation)","level":2,"score":0.4223945736885071},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.1614057719707489},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.09725022315979004},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.09476393461227417},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.06920060515403748},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.05892375111579895},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2024.3518500","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3518500","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W1629225656","https://openalex.org/W2121805588","https://openalex.org/W2138621090","https://openalex.org/W2145339207","https://openalex.org/W2896457183","https://openalex.org/W2952298682","https://openalex.org/W2970641574","https://openalex.org/W2982316857","https://openalex.org/W3094485976","https://openalex.org/W3100802376","https://openalex.org/W3118213538","https://openalex.org/W3138984732","https://openalex.org/W3209559250","https://openalex.org/W4200118636","https://openalex.org/W4214717370","https://openalex.org/W4221054774","https://openalex.org/W4246183800","https://openalex.org/W4307411952","https://openalex.org/W4312443712","https://openalex.org/W4313216096","https://openalex.org/W4313481358","https://openalex.org/W4318312487","https://openalex.org/W4353056919","https://openalex.org/W4388483012","https://openalex.org/W4404524763","https://openalex.org/W6636534981","https://openalex.org/W6692846177","https://openalex.org/W6741002519","https://openalex.org/W6747473740","https://openalex.org/W6757592117","https://openalex.org/W6762456871","https://openalex.org/W6767787902","https://openalex.org/W6780571964","https://openalex.org/W6784098896","https://openalex.org/W6801077506","https://openalex.org/W6801396756","https://openalex.org/W6802227391","https://openalex.org/W6812742317","https://openalex.org/W6854934607","https://openalex.org/W6864350279"],"related_works":["https://openalex.org/W2081900870","https://openalex.org/W2389214306","https://openalex.org/W2965083567","https://openalex.org/W2037549926","https://openalex.org/W4235240664","https://openalex.org/W1838576100","https://openalex.org/W2095886385","https://openalex.org/W2889616422","https://openalex.org/W2089704382","https://openalex.org/W1983399550"],"abstract_inverted_index":{"Penetration":[0],"testing":[1],"(pentesting)":[2],"assesses":[3],"cybersecurity":[4],"through":[5],"simulated":[6,172],"attacks,":[7],"while":[8],"the":[9,48,97,137],"conventional":[10],"manual-based":[11],"method":[12,152],"is":[13],"costly,":[14],"time-consuming,":[15],"and":[16,42,77,123,157,165,189],"personnel-constrained.":[17],"Reinforcement":[18],"learning":[19,25,68,163],"(RL)":[20],"provides":[21],"an":[22,147],"agent-environment":[23],"interaction":[24],"paradigm,":[26],"making":[27],"it":[28],"a":[29,60,121,158],"promising":[30],"way":[31],"for":[32],"autonomous":[33,52,62],"pentesting.":[34,53],"However,":[35],"agents\u2019":[36],"scalability":[37,184],"in":[38,79,171,185],"large":[39,80,186],"action":[40,81,118,138,150,187],"spaces":[41,188],"policy":[43,194],"transferability":[44],"across":[45,196],"scenarios":[46,173],"limit":[47],"applicability":[49],"of":[50,99],"RL-based":[51],"To":[54],"address":[55],"these":[56],"challenges,":[57],"we":[58,85],"present":[59],"novel":[61],"pentesting":[63,110],"framework":[64],"based":[65,175],"on":[66,176],"reinforcement":[67],"(namely":[69],"APRIL)":[70],"to":[71,95,115,132,153,161,192],"train":[72],"agents":[73],"that":[74],"are":[75,129,145],"scalable":[76],"transferable":[78],"spaces.":[82],"In":[83],"APRIL,":[84],"construct":[86],"realistic,":[87],"bounded,":[88],"host-level":[89],"state":[90],"space":[91,119],"via":[92],"embedding":[93,126,139],"techniques":[94],"avoid":[96],"complexities":[98],"dealing":[100],"with":[101],"unbounded":[102],"network-level":[103],"information.":[104],"We":[105,168],"employ":[106],"semantic":[107],"correlations":[108],"between":[109],"actions":[111,135],"as":[112],"prior":[113],"knowledge":[114],"represent":[116],"discrete":[117],"into":[120],"continuous":[122],"semantically":[124],"meaningful":[125],"space.":[127],"Agents":[128],"then":[130],"trained":[131],"reason":[133],"over":[134],"within":[136],"space,":[140],"where":[141],"two":[142],"key":[143],"methods":[144],"applied:":[146],"upper-confidence":[148],"bound-based":[149],"refinement":[151],"encourage":[154],"efficient":[155],"exploration,":[156],"distance-aware":[159],"loss":[160],"improve":[162],"efficiency":[164],"generalization":[166],"performance.":[167],"conduct":[169],"experiments":[170],"constructed":[174],"virtualized":[177],"vulnerable":[178],"environments.":[179],"The":[180],"results":[181],"demonstrate":[182],"APRIL's":[183],"its":[190],"ability":[191],"facilitate":[193],"transfer":[195],"diverse":[197],"scenarios.":[198]},"counts_by_year":[{"year":2025,"cited_by_count":6}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}