{"id":"https://openalex.org/W3202894952","doi":"https://doi.org/10.1145/3474369.3486877","title":"Automating Privilege Escalation with Deep Reinforcement Learning","display_name":"Automating Privilege Escalation with Deep Reinforcement Learning","publication_year":2021,"publication_date":"2021-10-28","ids":{"openalex":"https://openalex.org/W3202894952","doi":"https://doi.org/10.1145/3474369.3486877","mag":"3202894952"},"language":"en","primary_location":{"id":"doi:10.1145/3474369.3486877","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3474369.3486877","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2110.01362","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071646517","display_name":"Kalle Kujanp\u00e4\u00e4","orcid":null},"institutions":[{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Kalle Kujanp\u00e4\u00e4","raw_affiliation_strings":["Aalto University, Espoo, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Aalto University, Espoo, Finland","institution_ids":["https://openalex.org/I9927081"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053354372","display_name":"Willie Victor","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Willie Victor","raw_affiliation_strings":["F-Secure, Johannesburg, South Africa"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"F-Secure, Johannesburg, South Africa","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103933556","display_name":"Alexander Ilin","orcid":"https://orcid.org/0000-0001-6419-3006"},"institutions":[{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Alexander Ilin","raw_affiliation_strings":["Aalto University, Espoo, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Aalto University, Espoo, Finland","institution_ids":["https://openalex.org/I9927081"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5071646517"],"corresponding_institution_ids":["https://openalex.org/I9927081"],"apc_list":null,"apc_paid":null,"fwci":1.4416,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.83074233,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"157","last_page":"168"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.8834681510925293},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7920514345169067},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.6857102513313293},{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.6642662286758423},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.5719685554504395},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5396212935447693},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5366062521934509},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5192041993141174},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.49163371324539185},{"id":"https://openalex.org/keywords/autonomous-agent","display_name":"Autonomous agent","score":0.4637167453765869},{"id":"https://openalex.org/keywords/intelligent-agent","display_name":"Intelligent agent","score":0.43000173568725586},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.4287605285644531},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.39256855845451355},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3845205008983612},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.12962636351585388}],"concepts":[{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.8834681510925293},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7920514345169067},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.6857102513313293},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.6642662286758423},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.5719685554504395},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5396212935447693},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5366062521934509},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5192041993141174},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.49163371324539185},{"id":"https://openalex.org/C13687954","wikidata":"https://www.wikidata.org/wiki/Q4826847","display_name":"Autonomous agent","level":2,"score":0.4637167453765869},{"id":"https://openalex.org/C74072328","wikidata":"https://www.wikidata.org/wiki/Q1142726","display_name":"Intelligent agent","level":2,"score":0.43000173568725586},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.4287605285644531},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.39256855845451355},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3845205008983612},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.12962636351585388},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3474369.3486877","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3474369.3486877","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2110.01362","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2110.01362","pdf_url":"https://arxiv.org/pdf/2110.01362","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2110.01362","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2110.01362","pdf_url":"https://arxiv.org/pdf/2110.01362","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7099999785423279,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W1522301498","https://openalex.org/W2046033161","https://openalex.org/W2288303032","https://openalex.org/W2313875766","https://openalex.org/W2560828726","https://openalex.org/W2591102410","https://openalex.org/W2603959005","https://openalex.org/W2611484353","https://openalex.org/W2782999659","https://openalex.org/W2784452215","https://openalex.org/W2796394805","https://openalex.org/W2797678261","https://openalex.org/W2799087499","https://openalex.org/W2861867928","https://openalex.org/W2885070483","https://openalex.org/W2908643158","https://openalex.org/W2911747218","https://openalex.org/W2912451346","https://openalex.org/W2918664583","https://openalex.org/W2932977083","https://openalex.org/W2942465044","https://openalex.org/W2952298682","https://openalex.org/W2958447199","https://openalex.org/W2962853428","https://openalex.org/W2963978142","https://openalex.org/W2964043796","https://openalex.org/W2964061570","https://openalex.org/W2968580482","https://openalex.org/W2983270658","https://openalex.org/W2991680373","https://openalex.org/W2995988246","https://openalex.org/W3003546983","https://openalex.org/W3004686484","https://openalex.org/W3100802376","https://openalex.org/W3125321227","https://openalex.org/W3155797402","https://openalex.org/W3165299215","https://openalex.org/W3169534147","https://openalex.org/W4214717370","https://openalex.org/W4230014050","https://openalex.org/W4249033934","https://openalex.org/W4249736682","https://openalex.org/W4287775366","https://openalex.org/W4295312788"],"related_works":["https://openalex.org/W4255709826","https://openalex.org/W1514940859","https://openalex.org/W4389284117","https://openalex.org/W1599792556","https://openalex.org/W2618926139","https://openalex.org/W4244883971","https://openalex.org/W1563032952","https://openalex.org/W1490903399","https://openalex.org/W857573608","https://openalex.org/W1594672956"],"abstract_inverted_index":{"AI-based":[0],"defensive":[1],"solutions":[2],"are":[3],"necessary":[4],"to":[5,74,89],"defend":[6],"networks":[7],"and":[8,135],"information":[9],"assets":[10],"against":[11],"intelligent":[12,30],"automated":[13,54,76],"attacks.":[14],"Gathering":[15],"enough":[16],"realistic":[17,37,129],"data":[18,132],"for":[19,127,133],"training":[20,134],"machine":[21,57],"learning-based":[22],"defenses":[23],"is":[24,45,125],"a":[25,84,105,109],"significant":[26],"practical":[27],"challenge.":[28],"An":[29],"red":[31],"teaming":[32],"agent":[33,81,100,124],"capable":[34],"of":[35,52,67,112],"performing":[36],"attacks":[38,55],"can":[39,101],"alleviate":[40],"this":[41,60],"problem.":[42],"However,":[43],"there":[44],"little":[46],"scientific":[47],"evidence":[48],"demonstrating":[49],"the":[50,64,98,117],"feasibility":[51],"fully":[53],"using":[56,70,108],"learning.":[58],"In":[59],"work,":[61],"we":[62],"exemplify":[63],"potential":[65],"threat":[66],"malicious":[68],"actors":[69],"deep":[71],"reinforcement":[72,86],"learning":[73,87],"train":[75],"agents.":[77],"We":[78],"present":[79],"an":[80],"that":[82,97],"uses":[83],"state-of-the-art":[85],"algorithm":[88],"perform":[90],"local":[91],"privilege":[92],"escalation.":[93],"Our":[94],"results":[95],"show":[96],"autonomous":[99],"escalate":[102],"privileges":[103],"in":[104],"Windows~7":[106],"environment":[107,118],"wide":[110],"variety":[111],"different":[113],"techniques":[114],"depending":[115],"on":[116],"configuration":[119],"it":[120],"encounters.":[121],"Hence,":[122],"our":[123],"usable":[126],"generating":[128],"attack":[130],"sensor":[131],"evaluating":[136],"intrusion":[137],"detection":[138],"systems.":[139]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":3}],"updated_date":"2026-05-07T13:39:58.223016","created_date":"2021-10-11T00:00:00"}