MITRE, Automated Adversary Emulation: A Case for Planning and Acting with Unknowns, 2018 (9 pages)
Automated Adversary Emulation: A Case for Planning and Acting with Unknowns
Doug Miller, Ron Alford, Andy Applebaum, Henry Foster, Caleb Little, and Blake Strom
The MITRE Corporation
7515 Colshire Drive
McLean, Virginia 22102
{dpmiller, ralford, aapplebaum, hfoster, clittle, bstrom}@mitre.org
Abstract

Adversary emulation assessments offer defenders the ability to view their networks from the point of view of an adversary. Because these assessments are time consuming, there has been recent interest in the automated planning community on using planning to create solutions for an automated adversary to follow. We deviate from existing research, and instead argue that automated adversary emulation as well as automated penetration testing should be treated as both a planning and an acting problem. Our argument hinges on the fact that adversaries typically have to manage unbounded uncertainty during assessments, which many of the prior techniques do not consider. To illustrate this, we provide examples and a formalism of the problem, and discuss shortcomings in existing planning modeling languages when representing this domain. Additionally, we describe our experiences developing solutions to this problem, including our own custom representation and algorithms. Our work helps characterize the nature of problems in this space, and lays important groundwork for future research.
Introduction

To best understand the security of their systems, network defenders often use offensive testing techniques and assessments. These types of assessments come in many forms, ranging from penetration tests where a team of “white hats” probe the network to identify weaknesses and vulnerabilities to full-scale red team or even adversary emulation exercises, wherein a team fully emulates an adversary, beginning with reconnaissance, tool and infrastructure development, and initial compromise, and only ending when they reach the specified adversary’s goals. As opposed to pure defensive analysis, offensive testing can provide concrete measures of the security of a network by illustrating real attack paths that an adversary could take.
While offensive testing has clear benefits for defenders, it can be difficult for them to actually employ: these tests can be increasingly costly, time-consuming, and personnel constrained. In lieu of easy-to-access offensive testing, an emerging trend in the security community is to launch automated offensive assessments. Tools in this space range in capability, from those that focus on technique execution (Smith, Casey 2017) to those that seek to fully emulate an adversary by engaging the full post-compromise adversary life-cycle (Applebaum et al. 2016).

Copyright © 2018, The MITRE Corporation. All rights reserved. Approved for public release. Distribution unlimited 18-0944-1.
Similarly, the automated planning community has recently taken an interest in security assessments and tests. Bozic and Wotawa (2017) identify the natural application of automated planning to security: attacks are typically described as a sequence of steps that ultimately achieve a goal, similar in many ways to a plan. They argue that by using automated planning, we can construct tests that we can run against our systems that can identify weaknesses; the authors specifically identify how planning can be used to assess web applications (e.g., SQL injection) as well as the SSL/TLS protocol. Other recent applications include using automated planning and plan recognition to identify larger attack paths (Amos-Binks et al. 2017) as well as vulnerability assessment (Khan and Parkinson 2017).
More specific to offensive testing is the line of work dedicated towards using automated planning specifically for penetration tests. Obes, Sarraute, and Richarte (2010) present a model that leverages a deterministic planner alongside a domain description of exploits and connectivity to diagram paths that adversaries could take. Follow-up work in Sarraute, Buffet, and Hoffmann (2012) expands the model by adding in uncertainty – leaving the core security domain the same and now using a Partially Observable Markov Decision Process (POMDP) to solve the problem. Shmaryahu et al. (2017) would later acknowledge this POMDP model’s success and accuracy, but note its shortcomings mainly in time-to-compute – as a motivation for using partially observable contingent planning, an approach they argue lies between that of full-knowledge classical planning and multi-belief POMDPs.
Recognizing the wide array of work on automated planning for penetration testing, Hoffman (2015) offers a survey of the literature where he identifies the two main dimensions of existing research: how the approach handles uncertainty from the point of view of the adversary, and how the attack components interact with each other. Hoffman similarly enumerates eight key assumptions, and surveys the literature mapping each to its appropriate assumptions as well as how the approach maps to the two dimensions he identifies.
Despite all of the work dedicated to using automated plan-