US 12,437,060 B2
Using hierarchical reinforcement learning (HRL) to identify application programming interfaces (API) vulnerabilities
Oleg Blinder, Haifa (IL); Omer Yehuda Boehm, Haifa (IL); and Micha Gideon Moffie, Zichron Yaakov (IL)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Oct. 12, 2023, as Appl. No. 18/379,565.
Prior Publication US 2025/0124125 A1, Apr. 17, 2025
Int. Cl. G06F 21/55 (2013.01); G06F 9/54 (2006.01)
CPC G06F 21/552 (2013.01) [G06F 9/547 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
causing a predetermined hierarchical reinforcement learning (HRL) agent to perform, in a controlled environment, execution of a first potentially malicious API call against a predetermined API, wherein performing execution of the first potentially malicious API call against the predetermined API includes:
causing a first sub-agent of a first stage of an architecture of the HRL agent to make a first selection for defining a first portion of a first API call, and
causing a second sub-agent of a second stage of the architecture of the HRL agent to make a second selection for defining a second portion of the first API call, and
issuing the first API call to the predetermined API; and
providing first reward-based feedback to the first sub-agent and the second sub-agent.