Title :
Automated planning for remote penetration testing
Author :
Greenwald, Lloyd ; Shanley, Robert
Author_Institution :
Bell Labs., LGS Innovations, Florham Park, NJ, USA
Abstract :
In this work we consider the problem of automatically designing a penetration test plan that can be executed remotely, without prior knowledge of the target machine or network. We develop a methodology for generating and executing remote testing plans that takes into account the uncertainty of using remote tools both to gain knowledge of the system and to provide the penetration testing actions. Our solution provides automated generation of multi-step penetration test plans that are robust to uncertainty during execution. We tackle this problem by making use of modeling techniques from partially observable Markov decision processes (POMDPs). We automate this process by taking advantage of efficient solutions for solving POMDPs, and further, automatically derive these models through automated access to vulnerability databases such as the national vulnerabilities database (NVD). We demonstrate our implemented solution on a series of example problems.
Keywords :
Markov processes; database management systems; decision theory; planning; security of data; testing; uncertainty handling; automated planning; multistep penetration test plans; national vulnerabilities database; partially observable Markov decision processes; remote penetration testing; remote testing plans; remote tools; uncertainty; Automatic testing; Computer networks; Databases; Information security; Mathematical model; Operating systems; Robustness; System testing; Technological innovation; Uncertainty;
Conference_Titel :
Military Communications Conference, 2009. MILCOM 2009. IEEE
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4244-5238-5
Electronic_ISBN :
978-1-4244-5239-2
DOI :
10.1109/MILCOM.2009.5379852
