Attack Planning
Today penetration testing is a highly manual practice, which requires an knowledgeable operator with the right toolset. Some task performed by penetration testers have been automated by complex tools, such as Core Impact. Yet the pen-testing requires making decisions as to which is the best next step and being able to judge the information available after each step.
We are interested in solving this problem: The user is able to input a scenario and attack goals, and the solution then considers possible attack paths before selecting an optimal one. One may choose to gain root privileges on a machine with a given IP address minimizing the time; or to delete the database in a given server maximizing stealth capabilities, etc. The solution automatically crafts the planning, step-by-step, required to achieve each goal. Each step must be an action in the pen-testing framework at use.
Publications
- POMDPs Make Better Hackers: Accounting for Uncertainty in Penetration Testing
- Authors: Carlos Sarraute, Olivier Buffet, Joerg Hoffmann
- In: Twenty-Sixth Conference on Artificial Intelligence (AAAI-12), Toronto, Canada.
- Date published: 2012-07-23
- Les POMDP font de meilleurs hackers: Tenir compte de l'incertitude dans les tests de penetration
- Authors: Carlos Sarraute, Olivier Buffet, Joerg Hoffmann
- In: JFPDA 2012 - 7èmes Journées Francophones Planification, Décision, et Apprentissage pour la conduite de systèmes
- Date published: 2012-05-22