Skip to main content
SpringerLink
Log in

Constructing the Model of an Information System for the Automatization of Penetration Testing

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

Some aspects of constructing the model of an information system suitable for further application in the problem of the automatization of penetration testing with the use of reinforcement machine learning methods are considered. The principal requirements to a similar model are formulated, and a prototype architecture of a similar system is proposed.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.

Similar content being viewed by others

REFERENCES

  1. Stepanova, T., Pechenkin, A., and Lavrova, D., Ontology-based big data approach to automated penetration testing of large-scale heterogeneous systems, Proc. 8th Int. Conf. on Security of Information and Networks, Sochi, Russia, 2015, New York: Association for Computing Machinery, 2015, pp. 519–525.  https://doi.org/10.1145/2799979.2799995

  2. Sutton, R.S. and Barto, A.G., Reinforcement Learning: An Introduction, Cambridge, Mass.: MIT Press, 1998, 2nd ed.

    MATH  Google Scholar 

  3. Kalinin, M.O., Lavrova, D.S., and Yarmak, A.V., Detection of threats in cyberphysical systems based on deep learning methods using multidimensional time series, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 912–917. https://doi.org/10.3103/S0146411618080151

    Article  Google Scholar 

  4. Pavlenko, E. and Zegzhda, D., Homeostatic approach to assessing digital manufacturing security, SHS Web Conf., 2018, vol. 44, p. 00066.  https://doi.org/10.1051/shsconf/20184400066

  5. Zegzhda, D.P., Kalinin, M.O., and Levykin, M.V., Actual vulnerabilities of industrial automation protocols of an open platform communications series, Autom. Control Comput. Sci., 2019, vol. 53, no. 8, pp. 972–979. https://doi.org/10.3103/S0146411619080339

    Article  Google Scholar 

  6. Zegzhda, D., Zegzhda, P., Pechenkin, A., and Poltavtseva, M., Modeling of information systems to their security evaluation, Proc. 10th Int. Conf. on Security of Information and Networks, Jaipur, India, 2017, New York: Association for Computing Machinery, 2017, pp. 295–298. https://doi.org/10.1145/3136825.3136857

  7. Ghanem, M.C. and Chen, T.M., Reinforcement learning for intelligent penetration testing, Second World Conf. on Smart Trends in Systems, Security and Sustainability (WorldS4), London, 2018, IEEE, 2018, pp. 185–192.  https://doi.org/10.1109/WorldS4.2018.8611595

  8. Greenwald, L. and Shanley, R., Automated planning for remote penetration testing, MILCOM 2009—2009 IEEE Military Communications Conf., Boston, 2009, IEEE, 2009, pp. 1–7.  https://doi.org/10.1109/MILCOM.2009.5379852

  9. Sarraute, C., Buffet, O., and Hoffmann, J., Penetration Testing = POMDP Solving?, Proc. 3rd Workshop on Intelligent Security (SecArt’11), 2011. arXiv:1306.4714 [cs.AI]

Download references

Author information

Authors and Affiliations

  1. Peter the Great St. Petersburg Polytechnic University, 195251, St. Petersburg, Russia

    A. V. Myasnikov, A. S. Konoplev, A. F. Suprun & V. G. Anisimov

  2. St. Petersburg Federal Research Center, Russian Academy of Sciences, 199178, St. Petersburg, Russia

    V. V. Kasatkin

  3. MIREA—Russian Technological University, 119454, Moscow, Russia

    V. P. Los’

Authors
  1. A. V. Myasnikov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. A. S. Konoplev
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. A. F. Suprun
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. V. G. Anisimov
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. V. V. Kasatkin
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. V. P. Los’
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to A. V. Myasnikov, V. G. Anisimov or V. P. Los’.

Ethics declarations

The authors declare that they have no conflicts of interest.

Additional information

Translated by E. Glushachenkova

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Myasnikov, A.V., Konoplev, A.S., Suprun, A.F. et al. Constructing the Model of an Information System for the Automatization of Penetration Testing. Aut. Control Comp. Sci. 55, 949–955 (2021). https://doi.org/10.3103/S0146411621080216

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411621080216

Keywords:

Search

Navigation