Automation of cyber penetration testing using the detect, identify, predict, react intelligence automation model
Loading...
Authors
Deptula, Kendra
Subjects
Automated Penetration Testing
DIPR Artificial Intelligence Model
XML Standardization
DIPR Artificial Intelligence Model
XML Standardization
Advisors
Goshorn, Deborah E.
McEachen, John C.
Date of Issue
2013-09
Date
Sep-13
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
The design and implementation of a systems approach to a scalable, standardized automated cyber penetration testing system using the Detect, Identify, Predict, React (DIPR) intelligence automation model and data interoperability standards is the focus of this thesis. The system fuses information from multiple freeware programs that can be thought of as cyber sensors into an interoperable, robust whole in a manner that can tailor itself and learn over time. The groundwork is laid for an enduring system that can adapt to changing systems and vulnerabilities. A barebones proof-of-concept system is implemented and tested using NMap and Ettercap with the proposed DIPR XML file formats as the data intelligence automation standardization mechanism. By implementing this automated cyber penetration system, labor-intensive and costly cyber penetration testing can be simplified by reducing the amount of hand coding and manual testing.
Type
Thesis
Description
Series/Report No
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.