The Path and Progress of Empowering Network Attack and Defense Platforms with Artificial Intelligence

WANG Qun; LI Fujuan; GAO Guangliang

doi:null

您当前的位置：

首页 >

文章列表页 >

The Path and Progress of Empowering Network Attack and Defense Platforms with Artificial Intelligence

更新时间：2026-04-14

- The Path and Progress of Empowering Network Attack and Defense Platforms with Artificial Intelligence
- Telecommunications Science (2026)
- 作者机构：
  
  1.江苏警官学院计算机信息与网络安全系，江苏南京 210031
  2.江苏省电子数据取证分析工程研究中心，江苏南京 210031
- 作者简介：
- 基金信息：
  
  The National Natural Science Foundation of China(72401110);the Excellent Scientific and Technological Innovation Team of Jiangsu Universities, Key disciplines of Jiangsu Province in the 14th Five-Year Plan:Public Security Technology and Cyberspace Security, Ministry of Education Humanities and Social Sciences Research Planning Fund
- DOI：
  CLC： TP391
- Received：04 January 2026，
  
  Revised：2026-03-02，
  
  Accepted：02 March 2026，
- 稿件说明：
移动端阅览
WANG Qun, LI Fujuan, GAO Guangliang. The Path and Progress of Empowering Network Attack and Defense Platforms with Artificial Intelligence[J/OL]. Telecommunications Science, 2026.
DOI：

WANG Qun, LI Fujuan, GAO Guangliang. The Path and Progress of Empowering Network Attack and Defense Platforms with Artificial Intelligence[J/OL]. Telecommunications Science, 2026. DOI：

摘要

网络攻防平台是支撑网络安全对抗演练、提升实战能力的关键载体。本文聚焦于人工智能技术对网络攻防平台的赋能路径与体系化构建方法，针对传统平台在动态演化、场景多样性与评估维度等方面的局限，研究融合多智能体系统、强化学习与大语言模型等关键技术，提出一种集成智能攻击模拟、自适应防御决策与自动化评估反馈的分层可配置平台架构，并设计了基于模仿学习与终身学习的层次化智能体训练机制。该平台能够动态生成高逼真攻击链、实现跨域协同防御与多维度量化评估，从而有效提升攻防演练的实战性与训练精准度。通过策略库、环境仿真及评估体系的场景化配置，该架构可灵活适配教育、科研与产业演练等多元应用需求。本文进一步剖析了平台面临的可解释性、仿真真实性、数据隐私与伦理规范等关键挑战，并从可解释人工智能、数字孪生、隐私计算及标准化协同等方面展望了未来研究方向，以期为构建下一代自适应、可持续演进的新型网络防御体系提供理论支撑与实践参考。

Abstract

Cyber range platforms serve as critical infrastructure for conducting cybersecurity exercises and enhancing operational readiness. This paper focuses on the enabling pathways and systematic methodologies for empowering such platforms through artificial intelligence (AI). To address the limitations of conventional platforms in dynamic evolution

scenario diversity

and evaluation dimensions

we integrate key technologies including multi-agent systems

reinforcement learning

and large language models. We propose a hierarchical and configurable platform architecture that incorporates intelligent attack simulation

adaptive defense decision-making

and automated evaluation and feedback. Furthermore

a layered intelligent agent training mechanism based on imitation learning and lifelong learning is designed.The proposed platform can dynamically generate high-fidelity attack chains

achieve cross-domain collaborative defense

and perform multi-dimensional quantitative evaluation

thereby significantly improving the realism and precision of cyber exercise training. Through scenario-specific configuration of strategy libraries

environment simulation

and evaluation systems

the architecture can be flexibly adapted to diverse application needs in education

scientific research

and industrial drills.This paper also examines key challenges faced by the platform

including model interpretability

simulation authenticity

data privacy

and ethical compliance. Future research directions are outlined

encompassing explainable AI

digital twins

privacy-preserving computation

and standardization collaboration. The study aims to provide theoretical support and practical guidance for building a next-generation adaptive and sustainably evolving cyber defense system.

关键词

Keywords

references

王群 , 李馥娟 , 郭向民 , 等 . 网络靶场实训平台的规划与实践 [J ] . 火力与指挥控制 , 2021 , 46 ( 07 ): 136 - 141 .

WANG Q , LI F J , GUO X M . Planningand Practiceof Training Platform of Cyber Range [J ] . Fire Control & Command Control , 2021 , 46 ( 07 ): 136 - 141 .

杨丽 , 朱凌波 , 于越明 , 等 . 联邦学习与攻防对抗综述 [J ] . 信息网络安全 , 2023 , 23 ( 12 ): 69 - 90 .

YANG L , ZHU L , YU Y , et al . Review of Federal Learning and Offensive Defensive Confrontation [J ] . Netinfo Security , 2023 , 23 ( 12 ): 69 - 90

张靖如 , 方志耕 , 孙云柯 , 等 . 多阶段攻防对抗体系效能评估MS-GERT模型 [J ] . 系统工程与电子技术 , 2025 , 47 ( 07 ): 2237 - 2245 .

ZHANG J R , FANG Z G , SUN Y K , et al . MS-GERT model for effectiveness evaluation of multi-stage offensive and defensive adversarial system-of-systems [J ] . Systems Engineering and Electronics , 2025 , 47 ( 7 ): 2237 - 2245 .

CHEN X , LIU Y , WANG J . Dynamic Attack Simulation for Cyber Security Training Based on Multi-Agent Systems [J ] . IEEE Transactions on Education , 2022 , 65 ( 3 ): 217 - 226 .

DU W , WANG H , LIU C . SEED: A Suite of Hands-On Laboratory Exercises for Computer Security Education [J ] . ACM Transactions on Computing Education , 2020 , 20 ( 2 ): 1 - 28 .

朱兆梁 , 沈建京 , 郭晓峰 , 等 . 基于复杂网络-灰靶理论的网络空间攻防方案评估 [J ] . 火力与指挥控制 , 2022 , 47 ( 04 ): 90 - 95+103 .

ZHU Z L , SHEN J J , GUO X F , et al . Evaluation of cyberspace attack and defense scheme based on complex network and grey target theory [J ] . Fire Control & Command Control , 2022 , 47 ( 4 ): 90 - 95 .

博智安全科技股份有限公司 . AI 攻防演练系统技术白皮书 [R ] . 南京：博智安全科技股份有限公司 , 2024 .Bozhi Security Technology Co., Ltd. Technical White Paper on AI Attack-Defense Exercise System [R ] . Nanjing: Bozhi Security Technology Co., Ltd. , 2024..

马兆丰 , 彭海朋 , 陈秀波 , 等 . 新形势下网络空间安全创新型专业人才培养体系研究 [J ] . 信息安全研究 , 2025 , 11 ( 04 ): 385 - 391 .

MA Z F , PENG H P , CHEN X B , et al . Innovative and professional talent education architecture of cyberspace security in new situation [J ] . Journal of Information Security Research , 2025 , 11 ( 04 ): 385 - 391 .

GOODFELLOW I J , POUGET-ABADIE J , MIRZA M , et al . Generative adversarial nets [J ] . Advances in neural information processing systems , 2014 , 27 : 1 - 9 .

BROWN T , MANN B , RYDER N , et al . Language models are few-shot learners [J ] . Advances in neural information processing systems , 2020 , 33 : 1877 - 1901 .

刘艾杉 , 郭骏 , 李思民 , 等 . 面向深度强化学习的对抗攻防综述 [J ] . 计算机学报 , 2023 , 46 ( 08 ): 1553 - 1576 .

LIU A S , GUO J , LI S M , et al . A survey on Adversarial Attacks and Defenses for Deep Reinforcement Learning [J ] . Chinese Journal of Computers , 2023 , 46 ( 08 ): 1553 - 1576 .

王立夫 , 高聪 , 郭戈 , 等 . 异构多智能体网络拓扑可辨识性 [J ] . 自动化学报 , 2025 , 51 ( 03 ): 559 - 569 .

WANG L F , GAO C , GUO G , et al . Discernibility of Heterogeneous Multi-agent Networks Topology [J ] . ACTA Automatica Sinica , 2025 , 51 ( 03 ): 559 - 569 .

张学旺 , 卢荟 , 谢昊飞 . 基于节点中心性和大模型的漏洞检测数据增强方法 [J ] . 信息网络安全 , 2025 , 25 ( 04 ): 550 - 563 .

ZHANG X W , LU H , XIE H F . A Data Augmentation Method Based on Graph Node Centrality and Large Model for Vulnerability Detection [J ] . Netinfo Security , 2025 , 25 ( 4 ): 550 - 563 .

MADDIREDDY B R , MADDIREDDY B R . The role of reinforcement learning in dynamic cyber defense strategies [J ] . International Journal of Advanced Engineering Technologies and Innovations , 2024 , 2 ( 1 ): 267 - 292 .

SARHAN M , LAYEGHY S , MOUSTAFA , et al . Cyber threat intelligence sharing scheme based on federated learning for network intrusion detection [J ] . Journal of Network and Systems Management , 2023 , 31 ( 1 ): 3 .

LANKA P , GUPTA K , VAROL C . Intelligent threat detection-AI-driven analysis of honeypot data to counter cyber threats [J ] . Electronics , 2024 , 13 ( 13 ): 2465 .

NGUYEN T , RNDI N , NETH A . Noise Contrastive Estimation-based Matching Framework for Low-Resource Security Attack Pattern Recognition [J ] . arXiv: 2401.10337 , 2024 .

JABER A , FRITSCH L . Towards ai-powered cybersecurity attack modeling with simulation tools: Review of attack simulators [C ] // International Conference on P2P,Parallel,Grid,Cloud and Internet Computing . Cham : Springer International Publishing , 2022 : 249 - 257 .

SHEN G , ZHAO D , FENG L , et al . PANDAGUARD: Systematic Evaluation of LLM Safety against Jailbreaking Attacks [J ] . arXiv preprint arXiv: 2505.13862 , 2025 .

HIRSCHOWITZ E , RAMOS F . Harnessing Bounded-Support Evolution Strategies for Policy Refinement [J ] . arXiv preprint arXiv: 2511.09923 , 2025 .

YAO Y , DUAN J , XU K , et al . A survey on large language model (llm) security and privacy: The good, the bad, and the ugly [J ] . High-Confidence Computing , 2024 , 4 ( 2 ): 100211 .

万维易源 . AI赋能实战网络靶场：构筑智能防御新篇章 [EB/OL ] .( 2025-10-10 )[ 2025-11-11 ] . https://www.showapi. com/news/article/68e7e60e4ddd79d13511fa1f.Wanwei Yiyuan. AI-Empowered Live-Fire Cyber Ranges: Forging a New Chapter in Intelligent Defense https://www.showapi.com/news/article/68e7e60e4ddd79d13511fa1f.WanweiYiyuan.AI-EmpoweredLive-FireCyberRanges:ForgingaNewChapterinIntelligentDefense [EB/OL ] . ( 2025-10-10 )[ 2025-11-11 ] . https://www.showapi.com/news/ article/68e7e60e4ddd79d13511fa1f https://www.showapi.com/news/article/68e7e60e4ddd79d13511fa1f .

ADAWADKAR A M K , KULKARNI N . Cyber-security and reinforcement learning-a brief survey [J ] . Engineering Applications of Artificial Intelligence , 2022 , 114 : 105116 .

NGUYEN T T , REDDI V J . Deep reinforcement learning for cyber security [J ] . IEEE Transactions on Neural Networks and Learning Systems , 2021 , 34 ( 8 ): 3779 - 3795 .

BATES E , HICKS C , MAVROUDIS V . Less is more? Rewards in RL for Cyber Defence [J ] . arXiv preprint arXiv: 2503.03245 , 2025 .

YANG Z , FU M , QU H , et al . Incremental model-based reinforcement learning with model constraint [J ] . Neural Networks , 2025 , 185 : 107245 .

ZHANG H , CHEN Z , DENG H , et al . LazyAct: Lazy actor with dynamic state skip based on constrained MDP [J ] . PloS one , 2025 , 20 ( 2 ): e0318778 .

PURVES T , KYRIAKOPOULOS K G , JENKINS S , et al . Causally aware reinforcement learning agents for autonomous cyber defence [J ] . Knowledge-Based Systems , 2024 , 304 : 112521 .

OH J , FARQUHAR G , KEMAEV I , et al . Discovering state-of-the-art reinforcement learning algorithms [J ] . Nature , 2025 : 1 - 2 .

REN M , CHEN N , QIU H . Human-machine collaborative decision-making: An evolutionary roadmap based on cognitive intelligence [J ] . International Journal of Social Robotics , 2023 , 15 ( 7 ): 1101 - 1114 .

WANG Y , LIU J , LIAO X . Preference Construction: A Bayesian Interactive Preference Elicitation Framework Based on Monte Carlo Tree Search [J ] . arXiv preprint arXiv: 2503.15150 , 2025 .

TORI A R , HASAN K F . An Evaluation Framework for Network IDS/IPS Datasets: Leveraging MITRE ATT&CK and Industry Relevance Metrics [J ] . arXiv preprint arXiv : 2511 . 12743 , 2025 .

Security Geek . AIRTBench: Measuring Autonomous AI Red Teaming Capabilities in Language Models [EB/OL ] .( 2025-06-26 )[ 2025-11-01 ] . https://www.secrss.com/articles/80190?app=1 https://www.secrss.com/articles/80190?app=1 .

安全极客 . AIRTBench：衡量大语言模型的自主AI红队能力 [EB/OL ] .( 2025-06-26 ) [ 2025-11-01 ] . https://www.secrss.com/articles/80190?app=1 https://www.secrss.com/articles/80190?app=1 .

KOUREMETIS M , DOTTER M , BYRNE A , et al . Occult: Evaluating large language models for offensive cyber operation capabilities [J ] . arXiv preprint arXiv: 2502.15797 , 2025 .

POIREAULT K . MITRE: Russian APT28's LameHug, a Pilot for Future AI Cyber-Attacks [EB/OL ] .( 2025-08-12 )[ 2026-03-02 ] . https://www.infosecurity-magazine.com/news/mitre-russian-apt28-lamehug/ https://www.infosecurity-magazine.com/news/mitre-russian-apt28-lamehug/ .

启明星辰 . 一个MANUS化智能体集群的安全监测体系架构方案:构建“感知-分析-验证-预警”自主闭环 [EB/OL ] .( 2025-03-20 )[ 2025-11-02 ] . https://www.venustech. com.cn/new_type/cpdt/20250320/28455.html https://www.venustech.com.cn/new_type/cpdt/20250320/28455.html .

VenusTech . A Security Monitoring Architecture Scheme for MANUS-based Intelligent Agent Clusters: Constructing an Autonomous Closed Loop of "Perception-Analysis-Verification-Early Warning " [EB/OL ] . ( 2025-03-20 ) [ 2025-11-02 ] . https://www.venustech.com.cn/new_type/cpdt/ 20250320/ 28455.html https://www.venustech.com.cn/new_type/cpdt/20250320/28455.html .

WEI D , LUSS R , HU X , et al . ICX360:In-Context eXplainability 360 Toolki [J ] . arXiv preprint arXiv: 2511.10879 , 2025 .

CHEN G , LIU D , LUO T , et al . Beyond External Monitors: Enhancing Transparency of Large Language Models for Easier Monitoring [J ] . arXiv preprint arXiv: 2502.05242 , 2025 .

RASTOGI N , DHANUKA D , SZXENA A , et al . Survey Perspective: The Role of Explainable AI in Threat Intelligence [J ] . arXiv preprint arXiv: 2503.02065 , 2025 .

BODKHE S , JADHAV M , WARKAR S . Metasploit for Exploit Automation and Threat Detection on Linux [J ] . International Journal of Advanced Research in Science , Communication and Technology ， 2025 , 5 ( 9 ): 482 - 490 .

KATIYAR N , TTRIPATHI M S , KUMAR M P , et al . AI and Cyber-Security: Enhancing threat detection and response with machine learning [J ] . Educational Administration: Theory and Practice , 2024 , 30 ( 4 ): 6273 - 6282 .

EMERSON H , BATES L , HICKS C , et al . Cyborg++: An enhanced gym for the development of autonomous cyber agents [J ] . arXiv preprint arXiv: 2410.16324 , 2024 .

CALLAGHAN A , MASON K , MANNION P . MOMA-AC: A preference-driven actor-critic framework for continuous multi-objective multi-agent reinforcement learning [J ] . Neurocomputing , 2025 : 132032 .

CHEN Q , DING K , ZHANG X , et al . Improving robustness by action correction via multi-step maximum risk estimation [J ] . Neural Networks , 2025 , 184 : 107045 .

LIU S , DU D , YANG T , et al . MarsRL: Advancing Multi-Agent Reasoning System via Reinforcement Learning with Agentic Pipeline Parallelism [J ] . arXiv preprint arXiv: 2511.11373 , 2025 .

LIU L , KUANG Z , CHEN Y , et al . Incdet: In defense of elastic weight consolidation for incremental object detection [J ] . IEEE transactions on neural networks and learning systems , 2020 , 32 ( 6 ): 2306 - 2319 .

SAMEH A , SELIM S . Adaptive Dual-Layer Web Application Firewall (ADL-WAF) Leveraging Machine Learning for Enhanced Anomaly and Threat Detection [J ] . arXiv preprint arXiv: 2511.12643 , 2025 .

周诣 . 生成式人工智能驱动的网络安全攻防博弈演化及防御对策研究 [J ] . 中国信息界 , 2025 ,( 07 ): 144 - 146 .

ZHOU Y . A Study on the Evolution of Cyber Attack-Defense Games and Defensive Countermeasures Driven by Generative AI [J ] . Information China , 2025 ,( 07 ): 144 - 146 .

TANG Y , LIU Y , LAN J , et al . Security of LLM-based Agents Regarding Attacks, Defenses, and Applications: A Comprehensive Survey [J ] . Information Fusion , 2025 : 103941 .

SEED Project . SEED User Survey Report 2024 [EB/OL ] . ( 2024-06-15 )[ 2025-11-06 ] . https://seedsecuritylabs.org/ https://seedsecuritylabs.org/ .

广西科技大学 . 网络空间安全 “四元协同” 人才培养模式实践报告 [R ] . 柳州：广西科技大学计算机科学与通信工程学院， 2024 .Guangxi University of Science and Technology. Practice Report on the "Four-Element Collaboration" Talent Cultivation Model in Cyberspace Security [R ] . Liuzhou: School of Computer Science and Telecommunication Engineering, Guangxi University of Science and Technology , 2024.

厦门市数据安全与区块链技术重点实验室 . 融合大模型与强化学习的多智能体自动化渗透测试系统 [P ] . 中国发明专利 : ZL202310567890.1 , 2024-03-15 .

Xiamen Key Laboratory of Data Security and Blockchain Technology . Multi-Agent Automated Penetration Testing System Integrating Large Models and Reinforcement Learning [P ] . Chinese Patent : ZL202310567890.1 , 2024-03-15 .

HASSIJA V , CHAMOLA V , MAHAPATRA A , et al . Interpreting black-box models: a review on explainable artificial intelligence [J ] . Cognitive Computation , 2024 , 16 ( 1 ): 45 - 74 .

MILLER E , MINK D , SPELLINGS P , et al . Classifying cyber ranges: A case-based analysis using the UWF cyber range [J ] . Encyclopedia , 2025 , 5 ( 4 ): 162 ..

BROWN T B , MANN B , RYDER N , et al . Language Models are Few-Shot Learners [C ] // Proceedings of the 33rd International Conference on Neural Information Processing Systems . Vancouver : MIT Press , 2020 : 1877 - 1901 .

中国信息安全测评中心 . 网络安全实验平台伦理规范（草案） [R ] . 北京：中国信息安全测评中心 , 2024 .China Information Technology Security Evaluation Center. Cybersecurity Experimentation Platform Ethical Code (Draft) [R ] . Beijing : China Information Technology Security Evaluation Center , 2024.

LI T , SAHU A K , TALWALKAR A , et al . Federated learning: Challenges, methods, and future directions [J ] . IEEE signal processing magazine , 2020 , 37 ( 3 ): 50 - 60 .

TAO F , ZHAGN M , LIU A , et al . Digital Twin in Industry: State-of-the-Art [J ] . IEEE Transactions on Industrial Informatics , 2019 , 15 ( 4 ): 2405 - 2415 .

BRAUD A , FROMENTOUX G , RADIER B , et al . The road to European digital sovereignty with Gaia-X and IDSA [J ] . IEEE network , 2021 , 35 ( 2 ): 4 - 5 .

CARLSON A , BETTERIDGE J , KISIEL B , et al . Toward an architecture for never-ending language learning [C ] // Proceedings of the AAAI conference on artificial intelligence , Atlanta,USA,July 11 – 15 , 2010 . USA : AAAI Press ,2010, 24 ( 1 ): 1306 - 1313 .

RUVOLO P , EATON E . ELLA: An efficient lifelong learning algorithm [C ] // International conference on machine learning . PMLR , 2013 : 507 - 515 .

ROMANDINI N , MORA A , MAZZOCCA C , et al . Federated unlearning: A survey on methods, design guidelines, and evaluation metrics [J ] . IEEE Transactions on Neural Networks and Learning Systems , 2025 , 36 ( 7 ): 11697 - 11717 .

Views

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Intelligent radio access network for 5G-Advanced and 6G: key standard technologies and future evolution

Digital twin technology enabled 6G network

Research on an automated penetration testing framework based on LLM and RAG

A review of artificial intelligence applications in mobile communication networks from the perspective of the OSI-RM

Cloud-based intelligent computing center ten-thousand card cluster innovation and practice

Related Author

Zhao Zhe

Chen Jiajun

Gao Yin

XING Tianqi

REN Chi

WEI Qun

MU Jia

JIANG Jie

Related Institution

ZTE Corporation

State Key Laboratory of Mobile Network and Mobile Multimedia Technology

Research Institute of China United Network Communicotions Co., Ltd.

Taizhou Institute, Zhejiang University of Technology

School of Computer Science and Technology, Zhejiang University of Technology

⁰