Dynamic Risk Assessments for Offensive Cybersecurity Agents

Published: 18 Sept 2025, Last Modified: 30 Oct 2025. NeurIPS 2025 Datasets and Benchmarks Track (poster). License: CC BY 4.0
Keywords: Cybersecurity, AI Agent, AI Safety
TL;DR: We introduce a new threat model for offensive cybersecurity agents and provide an evaluation framework that can dynamically assess the risk within a fixed compute budget.
Abstract: Foundation models are increasingly becoming better autonomous programmers, raising the prospect that they could also automate dangerous offensive cyber-operations. Current frontier model audits probe the cybersecurity risks of such agents, but most fail to account for the degrees of freedom available to adversaries in the real world. In particular, with strong verifiers and financial incentives, agents for offensive cybersecurity are amenable to iterative improvement by would-be adversaries. We argue that assessments should take into account an expanded threat model in the context of cybersecurity, emphasizing the varying degrees of freedom that an adversary may possess in _stateful_ and _non-stateful_ environments within a fixed compute budget. We show that even with a relatively small compute budget (8 H100 GPU hours in our study), adversaries can improve an agent's cybersecurity capability on InterCode CTF by more than 40% relative to the baseline, without any external assistance. These results highlight the need to evaluate agents' cybersecurity risk in a dynamic manner, painting a more representative picture of risk.
Code URL: https://github.com/boyiwei/Dynamic-Risk-Assessment
Primary Area: Social and economic aspects of datasets and benchmarks in machine learning (e.g., fairness, interpretability, human-AI interaction, privacy, safety, strategic behavior)
Flagged For Ethics Review: true
Submission Number: 1050