Chiem Trieu Phong,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2014100104

2014-01-01

International Journal of Digital Crime and Forensics

Abstract:Penetration testing is an effort to attack a system using similar techniques and tools adopted by real hackers. The ultimate goal of penetration testing is to call to light as many existing vulnerabilities as possible, then come up with practical solutions to remediate the problems; thus, enhance the system security as a whole. The paper introduces concepts and definitions related to penetration testing, together with different models and methodologies to conduct a penetration test. A wide range of penetration testing state-of-the-art, as well as related tools (both commercial and free open source available on the market) are also presented in relatively rich details.

Zhaohui Hu,Qi Chen,Ruizhao Yu

DOI: https://doi.org/10.3321/j.issn:1002-8331.2001.10.020

2001-01-01

Abstract:This article introduces the implementation of TCP Protocol and the technique of Port Scanning based on the characteristic of TCP Protocol,at the same time,the several implementations of Port Scanning are also described. We also analyze the potential external attacks that can be made because of the weakness of operation system and the ways to avoid suck kinds of attack are also put up.

Bing Duan,Yinqian Zhang,Dawu Gu

DOI: https://doi.org/10.1109/ICYCS.2008.335

2008-01-01

Abstract:Penetration testing is an important branch of network security evaluation, which aims at providing all-round investigation to find the vulnerabilities and security threats in systems and networks. Former penetration testing platforms lack the adaptability when applied to different types of systems or networks, and the manual tests which are prevailed in those platforms are usually long and complex processes. In this paper we focus on the improvement of penetration testing platforms and strategies, and we propose a novel penetration testing platform based on a recently launched LiveDVD system-SolarSword. We also discuss the design and implementation details of this new platform, and use a real penetration test case study to demonstrate its advantages over former platforms. The platform provides an automatic, easy-to-deploy methodology for penetration testing process, and overcomes the obvious drawbacks of former penetration testing platforms.

Krutarth Chauhan

2024-07-24

Abstract:Conventional security solutions are insufficient to address the urgent cybersecurity challenge posed by insider attacks. While a great deal of research has been done in this area, our systematic literature analysis attempts to give readers a thorough grasp of penetration testing's role in reducing insider risks. We aim to arrange and integrate the body of knowledge on insider threat prevention by using a grounded theory approach for a thorough literature review. This analysis classifies and evaluates the approaches used in penetration testing today, including how well they uncover and mitigate insider threats and how well they work in tandem with other security procedures. Additionally, we look at how penetration testing is used in different industries, present case studies with real-world implementations, and discuss the obstacles and constraints that businesses must overcome. This study aims to improve the knowledge of penetration testing as a critical part of insider threat defense, helping to create more comprehensive and successful security policies.

Cryptography and Security

Jeremy Straub

2023-06-07

Abstract:Penetration testing increases the security of systems through tasking testers to 'think like the adversary' and attempt to find the ways that an attacker would break into the system. For many systems, this can be conducted in a safe and controlled way; however, some systems are so critical to human life and safety that the risk of their failure or disablement due to active penetration testing cannot be assumed. These systems are also critical to evaluate the security of, to prevent attackers from disabling them or causing their maloperation; however, this must be done in a manner that doesn't risk the very malady that testing seeks to avoid through the testing process itself. This paper presents P2SCP, a paradigm for penetration testing of systems that cannot be subjected to the risk of penetration testing. It discusses how data collection, the creation of digital twins and cousins and evaluative analysis can be utilized to conduct virtual penetration tests on critical infrastructure systems. This proposed paradigm is analyzed through the use of several case studies.

Cryptography and Security

Alex Zhu,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2017100106

2017-01-01

International Journal of Digital Crime and Forensics

Abstract:SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed Denial of Service Attack DDoS. The DDoS is that hackers maliciously turn down a website and make network resources unavailable to web users. It is extremely difficult to effectively detect and prevent SQLIA because hackers adopt various evading SQLIA Intrusion Detection System techniques. Victims may not be even aware of that their confidential data has been compromised for a long time. In this paper, our contribution is that we evaluate several most popular open source SQLIA tools and SQLIA prevention tools with both qualitative and quantitative assessments.

Daniel Dalalana Bertoglio,Arthur Gil,Juan Acosta,Julia Godoy,Roben Castagna Lunardi,Avelino Francisco Zorzo

2023-11-22

Abstract:With the increasing number of internet-based resources and applications, the amount of attacks faced by companies has increased significantly in the past years. Likewise, the techniques to test security and emulate attacks need to be constantly improved and, as a consequence, help to mitigate attacks. Among these techniques, penetration test (Pentest) provides methods to assess the security posture of assets, using different tools and methodologies applied in specific scenarios. Therefore, this study aims to present current methodologies, tools, and potential challenges applied to Pentest from an updated systematic literature review. As a result, this work provides a new perspective on the scenarios where penetration tests are performed. Also, it presents new challenges such as automation of techniques, management of costs associated with offensive security, and the difficulty in hiring qualified professionals to perform Pentest.

Cryptography and Security

Hui Liu,Zhitang Li

DOI: https://doi.org/10.1109/waim.2008.69

2008-01-01

Abstract:Like a network camera, in the deployment of security equipments, IDS keeps the role of monitoring and analyzing the traffic in a timely manner. It strongly prevents the intrusive motivation by the way of recording every illegal access. Unfortunately, in the same time, hackers are trying their best to evade the IDS, in order to cover up their abnormal tracks. It is very important to let the IDS keep it's own safety, especially in the network deployment policy, in which IDS keeps an undivided part. From the aspect of vulnerability, this paper lists seven threats and submits the penetration test examples respectively. Also, the paper gives some useful advices in order to strengthen IDS safety.

Riya Kedia,Pooja Jha,M. Dehury,Sahil Prasad Bejo,B. Kumar,Pallab Banerjee

DOI: https://doi.org/10.1109/WCONF58270.2023.10235163

2023-07-14

Abstract:Currently, because almost all interactions occur online, internet security is a critical concern. Penetration testing evaluates network and system security while also revealing security weaknesses. Piercing testing is carry out to ensure that there are no security flaws in the system or network that would permit unauthorised access. Penetration testing, often known as Pen Testing, is a collection of processes designed to track down vulnerabilities in a network or system, or online application that an attacker may exploit. It assists to confirm the effectiveness and efficiency of the different security measures put in place. This document concisely describes the foundations of penetration testing as well as illustrates how and where to deploy and utilise several tools and methodologies for penetration testing using Kali Linux for detecting system vulnerabilities: and provide a review of firewalls, networking protocols, as well as basic security problems that must be addressed in the goal of better protection of the system, ending after analysing the results.

Computer Science

朱辉,沈明星,李善平

DOI: https://doi.org/10.3969/j.issn.1000-3428.2010.10.059

2010-01-01

Abstract:This paper studies the code injection vulnerabilities of Web application,modifies and expands the definition of this kind of vulnerabilities with summarizing and analyzing the features of them,and transforms the causes of vulnerabilities into two kinds of coding errors to present a new test method based on testing the two kinds of coding errors.Experimental result shows that the test method can test all the code injection vulnerabilities of Web application effectively with less test workload.

Jianbin Hu,Yonggang Wang,Cong Tang,Zhong Chen

2010-01-01

Abstract:Automatic Network Penetration Testing (ANPT) has been widely used in exploring vulnerabilities. With network topology becoming more complex, the demand of ANPT also increases quite a lot. However, due to the tool management and scale problems, etc, current ANPT methodologies and processes are not automatic enough to meet the increasing demand for network security assessment. Aiming at a higher degree of automation, this paper proposes three main challenges existing in ANPT. In response, we introduce several principles to meet the challenges, combining with some new definitions that we propose, such as Key Penetration State(KPS), and Penetration Probability(PPrb).

Qianyu Li,Ruipeng Wang,Min Zhang,Fan Shi,Yi Shen,Miao Hu,Bingyang Guo,Chengxi Xu

DOI: https://doi.org/10.1109/tii.2024.3379633

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:Penetration testing is widely acknowledged as the foremost method for evaluating network security. However, three challenges impede the generation of strategies that align with human expectations. In this article, we present, for the first time, a method based on human feedback to enhance strategy generation. Our approach comprises two components: agent training and decision-making. During agent training, we establish a hierarchical framework to decompose tasks and a knowledge base to offer advice for improving data efficiency. We then impose constraints on the action space to mitigate ineffective exploration. Finally, we train a reward model based on human feedback and fine tune the model guided by this reward model. In decision-making, we process the model output to enhance decision accuracy. We crafted scenarios based on real-world networks, and the results demonstrate the effectiveness of our method in generating penetration testing strategies that align more closely with human intentions.

pengfei wang,wentao zhao,fan zhang

DOI: https://doi.org/10.2991/cse.2013.48

2013-01-01

Abstract:This article foremost introduces the survivability theory into the analysis of APT penetration, proposes the concept of penetration survivability and addresses it from the basic attributes of concealment, recoverability, self-adaptability and evolutionary. Proposed a survivability-oriented APT penetration analysis model - PDMS, establishes the metric system by hierarchical analysis, constructs the knowledge base through statistical analysis, analyses and classifies the APT penetration through proper algorithm on the basis of the knowledge base. The feasibility is proved by actual APT penetration case analysis.

Papa Kobina Orleans-Bosomtwe

2024-07-24

Abstract:Critical infrastructure refers to essential physical and cyber systems vital to the functioning and stability of societies and economies. These systems include key sectors such as healthcare, energy, and water supply, which are crucial for societal and economic stability and are increasingly becoming prime targets for malicious actors, including state-sponsored hackers, seeking to disrupt national security and economic stability. This paper reviews literature on critical infrastructure security, focusing on penetration testing and exploit development. It explores four main questions: the characteristics of critical infrastructure, the role and challenges of penetration testing, methodologies of exploit development, and the contribution of these practices to security and resilience. The findings of this paper reveal inherent vulnerabilities in critical infrastructure and sophisticated threats posed by cyber adversaries. Penetration testing is highlighted as a vital tool for identifying and addressing security weaknesses, allowing organizations to fortify their defenses. Additionally, understanding exploit development helps anticipate and mitigate potential threats, leading to more robust security measures. The review underscores the necessity of continuous and proactive security assessments, advocating for integrating penetration testing and exploit development into regular security protocols. By doing so, organizations can preemptively identify and mitigate risks, enhancing the overall resilience of critical infrastructure. The paper concludes by emphasizing the need for ongoing research and collaboration between the public and private sectors to develop innovative solutions for the evolving cyber threat landscape. This comprehensive review aims to provide a foundational understanding of critical infrastructure security and guide future research and practices.

Cryptography and Security

Carlos Sarraute,Olivier Buffet,Joerg Hoffmann

DOI: https://doi.org/10.48550/arXiv.1306.4714

2013-06-20

Abstract:Penetration Testing is a methodology for assessing network security, by generating and executing possible attacks. Doing so automatically allows for regular and systematic testing without a prohibitive amount of human labor. A key question then is how to generate the attacks. This is naturally formulated as a planning problem. Previous work (Lucangeli et al. 2010) used classical planning and hence ignores all the incomplete knowledge that characterizes hacking. More recent work (Sarraute et al. 2011) makes strong independence assumptions for the sake of scaling, and lacks a clear formal concept of what the attack planning problem actually is. Herein, we model that problem in terms of partially observable Markov decision processes (POMDP). This grounds penetration testing in a well-researched formalism, highlighting important aspects of this problem's nature. POMDPs allow to model information gathering as an integral part of the problem, thus providing for the first time a means to intelligently mix scanning actions with actual exploits.

Artificial Intelligence,Cryptography and Security

Ge Chu,Alexei Lisitsa

DOI: https://doi.org/10.48550/arXiv.1908.06970

2019-08-18

Abstract:Penetration testing (or pentesting) is one of the widely used and important methodologies to assess the security of computer systems and networks. Traditional pentesting relies on the domain expert knowledge and requires considerable human effort all of which incurs a high cost. The automation can significantly improve the efficiency, availability and lower the cost of penetration testing. Existing approaches to the automation include those which map vulnerability scanner results to the corresponding exploit tools, and those addressing the pentesting as a planning problem expressed in terms of attack graphs. Due to mainly non-interactive processing, such solutions can deal effectively only with static and simple targets. In this paper, we propose an automated penetration testing approach based on the belief-desire-intention (BDI) agent model, which is central in the research on agent-based processing in that it deals interactively with dynamic, uncertain and complex environments. Penetration testing actions are defined as a series of BDI plans and the BDI reasoning cycle is used to represent the penetration testing process. The model is extensible and new plans can be added, once they have been elicited from the human experts. We report on the results of testing of proof of concept BDI-based penetration testing tool in the simulated environment.

Cryptography and Security,Multiagent Systems

Shari-Ann Smith-Haynes

2024-07-24

Abstract:Advances in fifth-generation (5G) networks enable unprecedented reliability, speed, and connectivity compared to previous mobile networks. These advancements can revolutionize various sectors by supporting applications requiring real-time data processing. However, the rapid deployment and integration of 5G networks bring security concerns that must be addressed to operate these infrastructures safely. This paper reviews penetration testing approaches for identifying security vulnerabilities in 5G networks. Penetration testing is an ethical hacking technique used to simulate a network's security posture in the event of cyberattacks. This review highlights the capabilities, advantages, and limitations of recent 5G-targeting security tools for penetration testing. It examines ways adversaries exploit vulnerabilities in 5G networks, covering tactics and strategies targeted at 5G features. A key topic explored is the comparison of penetration testing methods for 5G and earlier generations. The article delves into the unique characteristics of 5G, including massive MIMO, edge computing, and network slicing, and how these aspects require new penetration testing methods. Understanding these differences helps develop more effective security solutions tailored to 5G networks. Our research also indicates that 5G penetration testing should use a multithreaded approach for addressing current security challenges. Furthermore, this paper includes case studies illustrating practical challenges and limitations in real-world applications of penetration testing in 5G networks. A comparative analysis of penetration testing tools for 5G networks highlights their effectiveness in mitigating vulnerabilities, emphasizing the need for advanced security measures against evolving cyber threats in 5G deployment.

Cryptography and Security

Zhenduo Wang,Saifei Li,Lijie Zhang,Chunduo Hu,Lianshan Yan

DOI: https://doi.org/10.1016/j.cose.2024.103945

IF: 5.105

2024-06-08

Computers & Security

Abstract:Post-penetration red team automation testing effectively addresses the pain points of traditional manual red teams, including manpower, time costs, and the high level of professional knowledge required, thereby improving the efficiency and effectiveness of red team penetration testing. However, introducing automation technology into the red team testing domain still faces numerous technical challenges. These challenges include accurately simulating real attack environments, coordinating complex attack actions, and effectively resolving uncertainties during the attack process. These challenges remain critical issues that require urgent solutions. In this context, we propose a post-penetration-oriented automated red team penetration test modeling and planning approach. The objective of this approach is to automatically generate attack paths, coordinate attack behaviors, and adjust attack behaviors based on feedback, enabling attacks on real target networks through corresponding operations. We conducted analysis and performance testing on our solution, comparing it with other available planners. Our experimental results demonstrate the effectiveness of the proposed planner in achieving automated penetration testing. Compared to other available planners, ours can generate valid attack paths more quickly and exhibits excellent performance in planning effectiveness and quality. Furthermore, our planner possesses wide applicability across various penetration testing scenarios.

computer science, information systems

He-Jun Lu,Yang Yu

DOI: https://doi.org/10.1155/2021/5570001

IF: 2.3

2021-02-27

Complexity

Abstract:Aiming at the vulnerability of wireless network, this paper proposed a method of WiFi penetration testing based on Kali Linux which is divided into four stages: preparation, information collection, simulation attack, and reporting. By using the methods of monitoring, scanning, capturing, data analysis, password cracking, fake wireless access point spoofing, and other methods, the WiFi network penetration testing with Kali Linux is processed in the simulation environment. The experimental results show that the method of WiFi network penetration testing with Kali Linux has a good effect on improving the security evaluation of WiFi network.

mathematics, interdisciplinary applications,multidisciplinary sciences

Yunfei Ge,Quanyan Zhu

2024-09-22

Abstract:Penetration testing is an essential means of proactive defense in the face of escalating cybersecurity incidents. Traditional manual penetration testing methods are time-consuming, resource-intensive, and prone to human errors. Current trends in automated penetration testing are also impractical, facing significant challenges such as the curse of dimensionality, scalability issues, and lack of adaptability to network changes. To address these issues, we propose MEGA-PT, a meta-game penetration testing framework, featuring micro tactic games for node-level local interactions and a macro strategy process for network-wide attack chains. The micro- and macro-level modeling enables distributed, adaptive, collaborative, and fast penetration testing. MEGA-PT offers agile solutions for various security schemes, including optimal local penetration plans, purple teaming solutions, and risk assessment, providing fundamental principles to guide future automated penetration testing. Our experiments demonstrate the effectiveness and agility of our model by providing improved defense strategies and adaptability to changes at both local and network levels.

Cryptography and Security,Artificial Intelligence,Computer Science and Game Theory