
Research And Implementation Of Penetration Testing System Based On Reinforcement Learning

Posted on: 2022-05-28
Degree: Master
Type: Thesis
Country: China
Candidate: P R Niu
GTID: 2518306605966289
Subject: Master of Engineering
Abstract/Summary:
With the rapid development of information technology, the Internet has brought revolutionary changes to human production and lifestyles. However, while Internet technology brings changes to all industries, its own potential vulnerability to network attacks also raises many network security issues that cannot be ignored. Penetration testing, as one of the effective methods for evaluating the security of a network system, can be used to detect potential but undiscovered vulnerabilities and other security issues in the system, which helps customers understand their current network security status. In addition, customers can remediate the security vulnerabilities in their internal systems based on the test results, making the network more secure and reliable. However, penetration testing has high technical requirements, and it usually requires professional engineers to spend a lot of time and effort to find system vulnerabilities and carry out vulnerability attacks. To improve the efficiency of penetration testing and reduce the requirements on engineers, this paper proposes an attack path generation method based on reinforcement learning. In addition, we design and implement a penetration testing system that can compromise the target host based on the attack path in a known network environment.

(1) From the perspective of the attacker, this paper proposes a method to discover the attack path. First, based on the Markov decision process, an actual network environment is transformed into a reinforcement learning training environment by a transformation method that simulates the attack process. The transformation method is based on simulating the actual penetration testing process: it integrates the status of the target host in the penetration test, the executable operations, and the nature of network connectivity into the environment, building a reinforcement learning training environment that can express the characteristics of penetration testing. Second, in the training process, the characteristics of the reply of the compromised host are used for training, guiding the agent to choose the best response action and generating the penetration route with the least number of attacks. Then, the DQN algorithm is improved, and the D2QN algorithm is used to complete the training. This algorithm can speed up convergence and improve stability. Finally, experimental verification and comparative analysis prove the feasibility and usability of the attack path generation method based on reinforcement learning.

(2) This paper designs and implements a system that can complete penetration testing based on attack schemes. The system generates an attack plan through the attack path generation module and calls the information collection, vulnerability discovery and vulnerability exploitation modules integrated in the system to complete the penetration test. The information collection module can obtain various information such as domain names, hosts, and Web applications. The vulnerability discovery module uses existing vulnerability scanning products and the CNVD (National Information Security Vulnerability Sharing Platform) vulnerability library to find vulnerabilities in the target host. The exploit module uses integrated penetration attack tools and custom exploit plug-ins to attack.

(3) This paper tests and analyzes the system and the attack path generation model it proposes. A virtualized test environment is set up and transformed into a reinforcement learning training environment, functional tests are performed on each module, and the effectiveness of the attack plan is verified. The results show that the system can generate attack paths, which can meet the needs of penetration testing. This system has certain advantages in terms of functional integrity, ease of use, and attack path generation.
Keywords/Search Tags:Penetration test, Reinforcement learning, Markov Decision Process, D2QN