Attack Path Planning For Penetration Testing Based On Improved Drosophila Algorithm And Reinforcement Learning

Posted on: 2024-01-14
Degree: Master
Type: Thesis
Country: China
Candidate: Z L Wang
GTID: 2568306926974939
Subject: Computer technology
Abstract/Summary:
Building on an in-depth study of attack path planning for penetration testing, this work improves the planning algorithms for different application scenarios in order to raise the efficiency of penetration test attacks, reduce the dependence on manual labor during penetration testing, and increase the degree of automation. Two settings are studied: the dynamic environment and the completely unknown penetration testing environment. On the one hand, the paper exploits the optimization strengths of the drosophila (fruit fly) algorithm and applies an improved drosophila algorithm to attack path planning in a dynamic environment, so as to improve the attack efficiency of penetration testing and reduce the dependence on manual work. On the other hand, reinforcement learning, in the form of an improved Q-learning algorithm, is used to improve the learning and automation ability of penetration testing under unknown conditions. The open source penetration testing tool Metasploit was then used to build an attack path planning system, and the process and results of penetration testing with it were compared with those of general penetration testing to prove the effectiveness of this research. The main work of this paper includes the following aspects:

(1) The importance of penetration test attack path planning and the main methods used for it are analyzed in depth. Attack path planning is a necessary step in the penetration testing process; automatic attack path planning can make scenario decisions in different situations, reducing the need for professional guidance. At present, the main methods of attack path planning for penetration testing include classical planning techniques and Markov decision processes.

(2) In a dynamic environment, the improved fruit fly algorithm is applied to penetration test attack path planning. A bidirectional improved fruit fly algorithm is designed to address slow search for the optimal path and local optima during penetration testing, and the problem that the originally planned path becomes invalid because of downtime during the test. The main improvements include: forward and backward search to plan the path; and a replanning mechanism that, if an attacked host breaks down due to a fault during a penetration test attack, replans the attack path of the local area network where the faulty host resides, improving path planning efficiency.

(3) In an unknown environment, the A-QL algorithm is designed by improving a reinforcement learning algorithm and applying it to penetration test attack path planning. To handle the situation in which nothing or very little is known about the environment during a penetration test, the algorithm plans the attack path according to feedback from the environment. The main improvements include: the Q-learning-based reinforcement learning algorithm is improved by adding a greedy algorithm and the artificial potential field method, combined with a deep search strategy to find the optimal path, so that attack path planning in an unknown environment achieves better results.

(4) System implementation and verification. Based on the above work, a corresponding attack path planning system for penetration testing was developed. The attack path planning algorithm for dynamic environments (the improved bidirectional fruit fly algorithm) and the attack path planning algorithm for unknown environments (the A-QL algorithm) were combined with the open source penetration testing tool Metasploit as the attack path planning content. Penetration test attacks can thus be carried out in different environments, reducing manual intervention and allowing penetration tests to be carried out efficiently.
Keywords/Search Tags: penetration testing attack path, fruit fly optimization algorithm, reinforcement learning, artificial potential field