Network-oriented penetration testing scheme automatic-generation method

A penetration testing and automatic generation technology, applied in the field of network information security, can solve the problems of too many irrelevant nodes and no abstract model of penetration testing scheme, so as to reduce the search effect.

Inactive Publication Date: 2012-07-04
BEIHANG UNIV
View PDF3 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But the current penetration testing process is always too much manual involvement
[0006] Research on the generation of penetration testing schemes, the current problem is: there is no clear abstract model of pen

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network-oriented penetration testing scheme automatic-generation method
  • Network-oriented penetration testing scheme automatic-generation method
  • Network-oriented penetration testing scheme automatic-generation method

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0037] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0038] 1. As figure 1As shown, the present invention provides a network-oriented penetration testing scheme automatic generation method, which includes four processing procedures: "planning", "information collection", "penetration map generation", and "penetration testing scheme generation". Among them, the "planning" process is to give penetration testing information about penetration testing. The "information collection" process is to collect vulnerability information on the network according to the set penetration test information, where the penetration test information includes penetration test constraints and penetration test targets; the vulnerability information on the network includes the vulnerabilities on the network and between hosts. connection relationship. The processing flow of "penetration graph generation" is to generate a penetration...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a network-oriented penetration testing scheme automatic-generation method. The technical problem that the conventional penetration testing scheme is formulated mainly by a penetration tester according to a penetration testing target so that the penetration tester always participates in penetration testing details is solved. The method consists of four flows, namely 'planning', 'information collection', 'generation of a penetration diagram' and 'generation of a penetration testing scheme'. The problem that overmany unrelated nodes can be found by a searching-based penetration diagram generation algorithm is solved by a penetration diagram generation algorithm combining backward searching and forward searching; and the problem of absence of an abstract model and a generation algorithm for the penetration testing scheme is solved by modeling the penetration testing scheme and providing the generation algorithm. By the method, the penetration tester is freed from the penetration testing details, and the penetration testing scheme can be quickly and accurately generated.

Description

technical field [0001] The invention belongs to the field of network information security, in particular to a method for automatically generating a network-oriented penetration testing scheme. Background technique [0002] Penetration testing is a security test in which testers simulate controlled attacks to find ways to bypass security features of applications, systems, and networks. Penetration testing, as a professional security service, has gradually begun to get more applications at home and abroad. Usually, penetration testing has a clear scope, goal and time limit. It is generally used to test the real-time status of enterprise security and the effect of security measures. It is suitable for security audit departments to conduct assessment tests, and can also be part of large-scale assessments. [0003] In the penetration testing process, the penetration testing personnel mainly rely on their own experience and knowledge to plan a penetration testing process, and the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
Inventor 夏春和梁晓艳沈路薄阳胡俊顺
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap