Abstract
Some aspects of constructing the model of an information system suitable for further application in the problem of the automatization of penetration testing with the use of reinforcement machine learning methods are considered. The principal requirements to a similar model are formulated, and a prototype architecture of a similar system is proposed.
Similar content being viewed by others
REFERENCES
Stepanova, T., Pechenkin, A., and Lavrova, D., Ontology-based big data approach to automated penetration testing of large-scale heterogeneous systems, Proc. 8th Int. Conf. on Security of Information and Networks, Sochi, Russia, 2015, New York: Association for Computing Machinery, 2015, pp. 519–525. https://doi.org/10.1145/2799979.2799995
Sutton, R.S. and Barto, A.G., Reinforcement Learning: An Introduction, Cambridge, Mass.: MIT Press, 1998, 2nd ed.
Kalinin, M.O., Lavrova, D.S., and Yarmak, A.V., Detection of threats in cyberphysical systems based on deep learning methods using multidimensional time series, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 912–917. https://doi.org/10.3103/S0146411618080151
Pavlenko, E. and Zegzhda, D., Homeostatic approach to assessing digital manufacturing security, SHS Web Conf., 2018, vol. 44, p. 00066. https://doi.org/10.1051/shsconf/20184400066
Zegzhda, D.P., Kalinin, M.O., and Levykin, M.V., Actual vulnerabilities of industrial automation protocols of an open platform communications series, Autom. Control Comput. Sci., 2019, vol. 53, no. 8, pp. 972–979. https://doi.org/10.3103/S0146411619080339
Zegzhda, D., Zegzhda, P., Pechenkin, A., and Poltavtseva, M., Modeling of information systems to their security evaluation, Proc. 10th Int. Conf. on Security of Information and Networks, Jaipur, India, 2017, New York: Association for Computing Machinery, 2017, pp. 295–298. https://doi.org/10.1145/3136825.3136857
Ghanem, M.C. and Chen, T.M., Reinforcement learning for intelligent penetration testing, Second World Conf. on Smart Trends in Systems, Security and Sustainability (WorldS4), London, 2018, IEEE, 2018, pp. 185–192. https://doi.org/10.1109/WorldS4.2018.8611595
Greenwald, L. and Shanley, R., Automated planning for remote penetration testing, MILCOM 2009—2009 IEEE Military Communications Conf., Boston, 2009, IEEE, 2009, pp. 1–7. https://doi.org/10.1109/MILCOM.2009.5379852
Sarraute, C., Buffet, O., and Hoffmann, J., Penetration Testing = POMDP Solving?, Proc. 3rd Workshop on Intelligent Security (SecArt’11), 2011. arXiv:1306.4714 [cs.AI]
Author information
Authors and Affiliations
Corresponding authors
Ethics declarations
The authors declare that they have no conflicts of interest.
Additional information
Translated by E. Glushachenkova
About this article
Cite this article
Myasnikov, A.V., Konoplev, A.S., Suprun, A.F. et al. Constructing the Model of an Information System for the Automatization of Penetration Testing. Aut. Control Comp. Sci. 55, 949–955 (2021). https://doi.org/10.3103/S0146411621080216
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411621080216