Interactive penetration testing method and apparatus based on dynamic graph evolution
CN121923944BActive Publication Date: 2026-06-09ZHEJIANG UNIV
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- ZHEJIANG UNIV
- Filing Date
- 2026-03-27
- Publication Date
- 2026-06-09
Smart Images

Figure CN121923944B_ABST
Abstract
The application provides an interactive penetration testing method and device based on dynamic graph evolution, including the following steps: S1: generating a root node of a dynamic attack graph based on target information of a penetration testing task; an agent generates at least one attack action based on effective network assets of the root node; S2: performing S3 on an attack action with an execution risk value not greater than a risk threshold; performing S4 on an attack action with an execution risk value greater than the risk threshold; S3: generating a child node when the attack action is successfully executed, generating at least one attack action based on effective network assets of the child node, and repeating S2; performing a pruning operation when the attack action fails to be executed; S4: replacing the attack action with an alternative action, and performing S3; and S5: generating a penetration testing report when the penetration testing task is completed. The scheme models the penetration testing process into a topology mapping of state snapshots by constructing a dynamic attack state graph, thereby realizing fully automatic penetration testing.
Need to check novelty before this filing date? Find Prior Art