CybORG: A Gym for the Development of Autonomous Cyber Agents
Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:TJM5Y23Irecord.jsonopen to challenge →
read the original abstract
Autonomous Cyber Operations (ACO) involves the development of blue team (defender) and red team (attacker) decision-making agents in adversarial scenarios. To support the application of machine learning algorithms to solve this problem, and to encourage researchers in this field to attend to problems in the ACO setting, we introduce CybORG, a work-in-progress gym for ACO research. CybORG features a simulation and emulation environment with a common interface to facilitate the rapid training of autonomous agents that can then be tested on real-world systems. Initial testing demonstrates the feasibility of this approach.
This paper has not been read by Pith yet.
Forward citations
Cited by 7 Pith papers
-
COHORT: Collaborative Orchestration for Hardening via Offensive Replay on Emulated Topologies
COHORT automates mitigation generation for network attacks via collaborative LLMs on emulated topologies with offensive replay evaluation, reporting 46.7% success rate that is 4.4 times higher than a single-agent baseline.
-
Dynamic Cyber Ranges
Dynamic Cyber Ranges with LLM defender agents reduce attacker success to 0-55% and preserve evaluation headroom as models advance by using comparable capabilities on both sides.
-
Beyond Runtime Enforcement: Shield Synthesis as Defensibility Analysis for Adversarial Networks
Shield synthesis is repositioned as a design-time defensibility analysis framework for adversarial networks, generating verdicts, winning regions, and fingerprints that separate formal safety from operational behavior...
-
Closing the Sim-to-Real Gap: An Evaluation Framework for Autonomous Cyber Defense Configuration of Commercial EDR
Introduces an evaluation framework for autonomous defense agents hardening commercial EDR, tested in a GOAD lab with Microsoft Defender XDR and two LLMs, revealing three lessons on telemetry design, per-policy attribu...
-
Event-Driven Temporal Graph Networks for Asynchronous Multi-Agent Cyber Defense in NetForge_RL
CT-GMARL with fixed-step Neural ODEs in the NetForge_RL simulator delivers 2.0x higher median Blue reward than R-MAPPO, restores 12x more services, and transfers zero-shot to a live Docker environment with median rewa...
-
FORGE: Self-Evolving Agent Memory With No Weight Updates via Population Broadcast
FORGE is a staged population protocol that evolves prompt-injected memory (Rules, Examples, or Mixed) for ReAct agents via reflection and broadcast, yielding 1.7-7.7× gains over zero-shot and 29-72% over Reflexion on ...
-
Operationalizing Cybersecurity Governance for Mitigation Planning with Attack-Path Modeling and Reinforcement Learning
A DRL framework maps CSF governance assessments to ATT&CK mitigations, simulates attacks via VOMM, and optimizes resource-constrained defense policies with stable, interpretable outcomes.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.