Interactive penetration testing method and apparatus based on dynamic graph evolution

CN121923944BActive Publication Date: 2026-06-09ZHEJIANG UNIV

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
ZHEJIANG UNIV
Filing Date
2026-03-27
Publication Date
2026-06-09

Smart Images

  • Figure CN121923944B_ABST
    Figure CN121923944B_ABST
Patent Text Reader

Abstract

The application provides an interactive penetration testing method and device based on dynamic graph evolution, including the following steps: S1: generating a root node of a dynamic attack graph based on target information of a penetration testing task; an agent generates at least one attack action based on effective network assets of the root node; S2: performing S3 on an attack action with an execution risk value not greater than a risk threshold; performing S4 on an attack action with an execution risk value greater than the risk threshold; S3: generating a child node when the attack action is successfully executed, generating at least one attack action based on effective network assets of the child node, and repeating S2; performing a pruning operation when the attack action fails to be executed; S4: replacing the attack action with an alternative action, and performing S3; and S5: generating a penetration testing report when the penetration testing task is completed. The scheme models the penetration testing process into a topology mapping of state snapshots by constructing a dynamic attack state graph, thereby realizing fully automatic penetration testing.
Need to check novelty before this filing date? Find Prior Art