| Penetration testing as a new network security technology can effectively detectthe network security vulnerabilities and potential safety problems. To build aneffective, adapt to the large-scale network automation penetration test system willprovide powerful support to risk assessment, level protection assessment, networksecurity protection.Based on the third current faults penetration test system exist: firstly, manualtesting is failed to set strategy with relevant test standard and testers’ skill decidesthe result; Secondly, present tools are failed to take account of the relationshipbetween vulnerabilities; Thirdly, the attack graph researcher used in the model isdifficultly applied to large-scale network.Thus, this paper on the base of penetration test standard and techniquecomplete following tasks:Firstly, through comparison of past research of minimal attack graph, we knowthat minimal attack graph has several advantage in penetration system: it containsonly reachable node to the goal host, effectively solving the space explosion problemand suitable to large scale network. Minimal attack graph provides the networkadministrator better visualize and understand scene.Secondly, following formal penetration test program, we build a minimal attackgraph base penetration test model, expounding each part of the model andrelationship of them.Thirdly, creating the minimal attack graph generating algorithm and dismantlingthe whole algorithm to path enumeration algorithm and path association algorithm.Enumerating all the paths that reach the goal, we save the nodes of the path withdifference sort to build the graph. |
PDF Full Text Request