
Research On Penetration Testing Method Based On Probability Attack Graph Model

Posted on: 2020-12-25
Degree: Master
Type: Thesis
Country: China
Candidate: L Fu
Full Text: PDF
GTID: 2428330590463881
Subject: Electronic and communication engineering
Abstract/Summary:
With the development of Internet technology, network security problems have become increasingly prominent. Information leakage and attack events occur frequently, seriously threatening national and personal security. The main reason for these incidents is that hackers discover and exploit network vulnerabilities to invade computers, steal data, or harm the machines. It is impossible to fix all known vulnerabilities because of the hardware and software environment, time, economic costs, and similar constraints. Penetration testing is a technology and method that simulates hacker attacks, and it is also a pre-emptive, proactive approach to network security assessment. However, it evaluates each vulnerability in isolation and cannot evaluate the security status of the network globally. Researchers therefore combine it with an attack graph model to evaluate the security situation of the target network as a whole. The generated attack graphs, however, have problems of their own, such as state explosion, poor readability, and difficulty in applying them to large-scale networks. This paper proposes a dynamic probability attack graph analysis method based on revenue. The results show that the model is clear and observable, which makes it convenient for network security administrators to understand the attack graph. The specific work is as follows.

Firstly, in the attribute attack graph model, the quantization of nodes is not accurate enough: it considers only static factors, and most vulnerability assessments have the same CVSS (Common Vulnerability Scoring System) score. A dynamic probability quantization method for node attack success is proposed. To avoid subjectivity in the probability calculation, two dynamic indicators from the Temporal attribute group of the CVSS system that change over time, vulnerability code availability and patch repair level, are taken into account, and the probability of a successful vulnerability attack is evaluated on the basis of static probability quantification.

Secondly, based on the generated attack graph, this paper uses the ACO (Ant Colony Optimization) algorithm to obtain the optimal attack path. To address the local optimum problem of ACO when solving the optimal path problem of the attack graph, we improve the heuristic factor of the basic ACO algorithm and introduce the updating rule of the wolf swarm algorithm to improve the pheromone of nodes. At the same time, in combination with the special rules of the attack graph, the other parameters are slightly modified, and an improved ACO algorithm is proposed to obtain the optimal attack path.

Finally, by constructing a penetration testing experimental environment and simulating a penetration attack scenario, it is verified that the attack graph model provides good guidance in the penetration testing process and can provide a basis for penetrating the attack target efficiently. Before the penetration attack, the optimal attack path is found with the ACO algorithm; the target host is then infiltrated and finally the target site is taken. Experiments show that penetration testing based on the attack graph model improves the overall efficiency of network penetration testing.
Keywords/Search Tags:Penetration test, Attack graph, Optimal path, Dynamic probability, ACO algorithm