[Speakers]
Adversary Village at
DEF CON 33

DEF CON 33 Schedule

Bobby Kuzma

Director - Offensive Cyber Operations @ ProCircular

Bobby Kuzma is a seasoned offensive security researcher with a long running interest in computational decision making. He currently runs the Offensive Cyber Operations team at ProCircular.

Talk: Of Stochastic Parrots and Deterministic Predators: Decision-Making in Adversarial Automation

Friday | Aug 8th2025
DEF CON Creator Stage 2 (Room 232) | Las Vegas Convention Center
Adversary Automation

In an era where AI systems oscillate between mimicking human-like randomness and executing precise, predatory strategies, understanding decision-making in adversarial automation is critical. This talk explores the tension between "stochastic parrots"; generative models that produce probabilistic outputs, and "deterministic predators," systems designed to behave in a predictable pattern in adversarial settings. We will delve into the mechanics of decision-making under uncertainty, examining how these systems navigate competitive environments, from game-playing AIs to cybersecurity defenses. Attendees will gain insights into the algorithms driving these dynamics, and where the technology is heading. We will be releasing tooling around our deterministic TTP selection engine.

Detailed talk outline

  1. Introduction (3 min)
    • Hook: “poker-bluff vs. card-cheater” scenario
    • Why the stochastic/deterministic tension matters for offensive AI
    • Three takeaways: defining the dichotomy, decision-making under uncertainty, demo of our TTP engine
  2. Core Concepts: Stochastic Parrots vs. Deterministic Predators (5 min)
    • Stochastic Parrots: generative, sample-based, creative, but unpredictable in adversarial play
    • Deterministic Predators: rule-based, predictable, auditable yet exploitable if patterns are discovered
    • Fundamental trade-offs: exploration vs. exploitation, stealth vs. consistency
  3. Decision-Making Under Uncertainty (5 min)
    • MDPs/POMDPs at a glance: modeling sequential attacker choices with partial info
    • Policy types: stochastic (softmax sampling, ε-greedy) vs. deterministic (greedy, rule engines)
    • Risk metrics: entropy, worst-case vs. expected gain
  4. Adversarial Automation in Action (7 min)
  5. Attacker TTP Selection (4 min)
    • Offensive Tactics, Techniques & Procedures under uncertainty
    • Randomized vs. deterministic TTP planners in red-team ops
    • How purely stochastic and purely deterministic attackers perform in benchmarks
  6. Algorithms & Architectures (3 min)
    • Stochastic policy engines: policy gradients, Boltzmann exploration, noise injection
    • Deterministic planners: decision trees, rule-based systems, deterministic RL
    • Hybrid designs: hierarchical policies mixing stochastic high-level planning with deterministic execution
  7. Tooling Spotlight: Deterministic TTP Selection Engine (2 min)
    • Motivation: repeatable, transparent offensive emulation
    • Core components: TTP knowledge graph, utility scoring, deterministic planner
    • How to access: Github linkage
  8. Future Directions & Closing (1 min)
    • Self-tuning “meta-adversaries” that adjust their own randomness/determinism
    • Ethical considerations: offensive AI auditability vs. unpredictability
    • Final takeaway: mastering the stochastic–deterministic spectrum is key to next-gen adversarial automation

Access Everywhere.


Join Adversary Village Discord Server.

Join Adversary Village official Discord server to connect with our amazing community of adversary simulation experts and offensive security researchers!