Guardado en:
Detalles Bibliográficos
Autores principales: Mayoral-Vilches, Víctor, Sanz-Gómez, María, Balassone, Francesco, De Torres, Maite Del Mundo, Nicolaou, George, Borines, Samuel Rodriguez, Graziano, Almerindo, Zabalegui, Paul, Gil-Uriarte, Endika
Formato: Preprint
Publicado: 2026
Materias:
Acceso en línea:https://arxiv.org/abs/2604.24184
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
_version_ 1866910168872124416
author Mayoral-Vilches, Víctor
Sanz-Gómez, María
Balassone, Francesco
De Torres, Maite Del Mundo
Nicolaou, George
Borines, Samuel Rodriguez
Graziano, Almerindo
Zabalegui, Paul
Gil-Uriarte, Endika
author_facet Mayoral-Vilches, Víctor
Sanz-Gómez, María
Balassone, Francesco
De Torres, Maite Del Mundo
Nicolaou, George
Borines, Samuel Rodriguez
Graziano, Almerindo
Zabalegui, Paul
Gil-Uriarte, Endika
contents As LLM-driven agents advance in cybersecurity, Jeopardy CTF benchmarks are approaching saturation and cyber ranges, the natural next evaluation frontier, offer diminishing resistance under their current static design. We validate this observation by deploying an LLM-driven Advanced Persistent Threat (APT) agent across three tiers of increasingly realistic infrastructure (PRO Labs, MHBench, military-grade CYBER RANGES). To counteract this trend, we propose Dynamic Cyber Ranges: cyber range environments augmented with LLM-driven Defender agents that harden infrastructure, monitor for intrusions, and respond in real time. Across evaluated scenarios, Defender agents reduce attacker success to 0-55%, achieving complete prevention on multiple configurations. Since attacker and defender agents draw from the same underlying model capabilities, Dynamic Cyber Ranges preserve evaluation headroom as models improve. Notably, a smaller, specialized on-premise model (alias2-mini) matched the frontier model's defensive outcomes on multiple scenarios under identical, untuned prompts, and detected the attacker 10x faster on a complex enterprise scenario, suggesting that privacy-preserving on-premise models can serve as competent defenders against frontier-class attackers. The experiments further surface emergent agent behaviors, including scope expansion and prompt exfiltration, with implications for AI benchmark integrity and agentic system design.
format Preprint
id arxiv_https___arxiv_org_abs_2604_24184
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Dynamic Cyber Ranges
Mayoral-Vilches, Víctor
Sanz-Gómez, María
Balassone, Francesco
De Torres, Maite Del Mundo
Nicolaou, George
Borines, Samuel Rodriguez
Graziano, Almerindo
Zabalegui, Paul
Gil-Uriarte, Endika
Cryptography and Security
As LLM-driven agents advance in cybersecurity, Jeopardy CTF benchmarks are approaching saturation and cyber ranges, the natural next evaluation frontier, offer diminishing resistance under their current static design. We validate this observation by deploying an LLM-driven Advanced Persistent Threat (APT) agent across three tiers of increasingly realistic infrastructure (PRO Labs, MHBench, military-grade CYBER RANGES). To counteract this trend, we propose Dynamic Cyber Ranges: cyber range environments augmented with LLM-driven Defender agents that harden infrastructure, monitor for intrusions, and respond in real time. Across evaluated scenarios, Defender agents reduce attacker success to 0-55%, achieving complete prevention on multiple configurations. Since attacker and defender agents draw from the same underlying model capabilities, Dynamic Cyber Ranges preserve evaluation headroom as models improve. Notably, a smaller, specialized on-premise model (alias2-mini) matched the frontier model's defensive outcomes on multiple scenarios under identical, untuned prompts, and detected the attacker 10x faster on a complex enterprise scenario, suggesting that privacy-preserving on-premise models can serve as competent defenders against frontier-class attackers. The experiments further surface emergent agent behaviors, including scope expansion and prompt exfiltration, with implications for AI benchmark integrity and agentic system design.
title Dynamic Cyber Ranges
topic Cryptography and Security
url https://arxiv.org/abs/2604.24184