Full Text:   <2992>

Summary:  <1628>

CLC number: TP393.08

On-line Access: 2024-08-27

Received: 2023-10-17

Revision Accepted: 2024-05-08

Crosschecked: 2019-09-04

Cited: 0

Clicked: 5869

Citations:  Bibtex RefMan EndNote GB/T7714

 ORCID:

Yi-chao Zang

http://orcid.org/0000-0002-1791-586X

-   Go to

Article info.
Open peer comments

Frontiers of Information Technology & Electronic Engineering  2019 Vol.20 No.9 P.1277-1288

http://doi.org/10.1631/FITEE.1800532


NIG-AP: a new method for automated penetration testing


Author(s):  Tian-yang Zhou, Yi-chao Zang, Jun-hu Zhu, Qing-xian Wang

Affiliation(s):  State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China; more

Corresponding email(s):   zangyeechao@sina.com

Key Words:  Penetration testing, Reinforcement learning, Classical planning, Partially observable Markov decision process



Abstract: 
penetration testing offers strong advantages in the discovery of hidden vulnerabilities in a network and assessing network security. However, it can be carried out by only security analysts, which costs considerable time and money. The natural way to deal with the above problem is automated penetration testing, the essential part of which is automated attack planning. Although previous studies have explored various ways to discover attack paths, all of them require perfect network information beforehand, which is contradictory to realistic penetration testing scenarios. To vividly mimic intruders to find all possible attack paths hidden in a network from the perspective of hackers, we propose a network information gain based automated attack planning (NIG-AP) algorithm to achieve autonomous attack path discovery. The algorithm formalizes penetration testing as a Markov decision process and uses network information to obtain the reward, which guides an agent to choose the best response actions to discover hidden attack paths from the intruder’s perspective. Experimental results reveal that the proposed algorithm demonstrates substantial improvement in training time and effectiveness when mining attack paths.

Open peer comments: Debate/Discuss/Question/Opinion

<1>

Please provide your name, email address and a comment





Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - 2025 Journal of Zhejiang University-SCIENCE