The integration of AI into modern critical infrastructure systems, such as healthcare, has introduced new vulnerabilities that can significantly impact workflow, efficiency, and safety. Additionally, the increased connectivity has made traditional human-driven penetration testing insufficient for assessing risks and developing remediation strategies. Consequently, there is a pressing need for a distributed, adaptive, and efficient automated penetration testing framework that not only identifies vulnerabilities but also provides countermeasures to enhance security posture. This work presents ADAPT, a game-theoretic and neuro-symbolic framework for automated distributed adaptive penetration testing, specifically designed to address the unique cybersecurity challenges of AI-enabled healthcare infrastructure networks. We use a healthcare system case study to illustrate the methodologies within ADAPT. The proposed solution enables a learning-based risk assessment. Numerical experiments are used to demonstrate effective countermeasures against various tactical techniques employed by adversarial AI.

翻译：人工智能融入现代关键基础设施系统（如医疗保健领域）引入了新的漏洞，这些漏洞可能显著影响工作流程、效率与安全性。此外，日益增强的互联性使得传统人工驱动的渗透测试在评估风险与制定修复策略方面已显不足。因此，迫切需要一种分布式、自适应且高效的自动化渗透测试框架，该框架不仅能识别漏洞，还能提供增强安全态势的应对措施。本文提出ADAPT，一种用于自动化分布式自适应渗透测试的博弈论与神经符号框架，专门针对人工智能赋能的医疗保健基础设施网络所面临的独特网络安全挑战而设计。我们通过一个医疗系统案例研究来阐释ADAPT内部的方法论。所提出的解决方案支持基于学习的风险评估。数值实验被用于展示针对对抗性人工智能所采用的各种战术技术的有效应对措施。