Network penetration testing method

A test method and network penetration technology, applied in electrical components, transmission systems, etc., can solve the problems of difficulty in penetration testing, no attack graph, and security testers spending a lot of time, etc., to achieve automation, reduce complexity, The effect of reducing complexity
CN105871885AActive Publication Date: 2016-08-17NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
4 Cites 29 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
Publication Date
2016-08-17

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention provides a network penetration testing method. The method comprises the steps that 1, a network attack path is established according to the accessibility among different network segments on the basis of an existing network topology and vulnerability information list; 2, the network attack path is traversed, every two adjacent network segments belong to a group, and a single-vulnerability exploitation model (SVEM) is constructed for each vulnerability of an attack target by taking one host in the previous network segment as an attacker and taking one host in the latter network segment as the attack target; 3, the SVEM is synthesized on the basis of a backward search algorithm, and an attack graph from the attaching host to the target host is constructed; 4, all possible attack paths are decomposed according to the attack graph, and attacking is conducted for vulnerabilities in all the paths to obtain an effective attack path. According to the network penetration testing method, the attack path can be automatically planned according to a network environment, an automatic penetration attacking scheme can be achieved, penetration testing is rapidly and efficiently conducted on a target system, and a large quantity of manpower and material resources are saved.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the field of computer information security, in particular to a network penetration testing method. Background technique

[0002] With the development and application of the network, people rely more and more on the computer network. At the same time, the security problems of the network system are becoming more and more prominent. Penetration testing, as a method of simulating attackers to conduct security tests on target systems, is also being used more and more widely. However, as the network environment becomes more and more complex, it becomes more and more difficult to complete the penetration test of the specified target system in the network environment. Normally, security testers need to spend a lot of time planning attack paths and completing verification of vulnerabilities. Most of the existing penetration testing schemes only target the target hosts in a simple network environment, and are not effectively combined...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More