Graph Pre-training for Reconnaissance Perception in Automated Penetration Testing

  • Conference paper
Advanced Intelligent Computing Technology and Applications (ICIC 2024)

Abstract

In automated penetration testing (APT), agents are tasked with identifying attack targets and formulating appropriate action plans within partially observed network environments. Reasoning over the network based on the information gathered from reconnaissance is essential. However, existing reasoning methods show considerable neglect for computer networks and their unique characteristics. Additionally, despite the demonstrated efficacy of Graph Neural Networks (GNNs) in modeling graph structures, the scarcity of adequately labeled network data adds complexity to the training of GNNs. We present a novel method, termed Graph Pre-training for Reconnaissance Perception in Automated Penetration Testing (GPRP). This pioneering approach is designed to learn the invariant properties entailed in the structures and semantics of computer networks from an extensive set of unlabeled and synthetic data during pre-training. Consequently, the resulting pre-trained model can swiftly adapt to target networks after fine-tuning with very few network observations, and exhibits enhanced capabilities in reasoning about network properties. Extensive experiments on both customized and FatTree networks demonstrate the efficacy of our model in tasks centered on network reasoning, such as node classification and link prediction. Further verification of GPRP in a real-world local area network underscores the practical use of our method.

Corresponding author

Correspondence to Cheng Zhu.

Ethics declarations

Disclosure of Interests

The authors have no competing interests to declare that are relevant to the content of this article.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Wang, Y. et al. (2024). Graph Pre-training for Reconnaissance Perception in Automated Penetration Testing. In: Huang, DS., Si, Z., Pan, Y. (eds) Advanced Intelligent Computing Technology and Applications. ICIC 2024. Lecture Notes in Computer Science, vol 14864. Springer, Singapore. https://doi.org/10.1007/978-981-97-5588-2_26

  • DOI: https://doi.org/10.1007/978-981-97-5588-2_26

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-5587-5

  • Online ISBN: 978-981-97-5588-2

  • eBook Packages: Computer Science (R0)
