In penetration testing (pentesting), network administrators attack their own network to identify and fix vulnerabilities. Planning-based simulated pentesting can achieve much higher testing coverage than manual pentesting. A key challenge is for the attack planning to imitate human hackers as faithfully as possible. POMDP models have been proposed to this end, yet they are computationally very hard, and it is unclear how to acquire the models in practice. At the other extreme, classical planning models are scalable and simple to obtain, yet completely ignore the incomplete knowledge characteristic of hacking. We propose contingent planning as a new middle ground, feasible in both computation burden and model acquisition effort while allowin...
abstract: Vulnerability testing/evaluation is a regular task for cyber-security groups. Conducting t...
Existing penetration testing approaches assess the vulnerability of a system by determining whether ...
We report on the results of applying classical planning techniques to the problem of analyzing compu...
Penetration Testing is a methodology for assessing network security, by generating and executing pos...
Penetration Testing is a methodology for assessing network security, by generating and executing pos...
International audiencePenetration Testing is a methodology for assessing network security, by genera...
As penetration testing frameworks have evolved and have become more complex, the problem of controll...
Penetration testing (pentesting) is a well established method for identifying security weaknesses, b...
Assessing network security is a complex and difficult task. Attack graphs have been proposed as a to...
Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the...
The penetration test has many repetitive operations and requires advanced expert knowledge, therefor...
Assessing network security is a complex and difficult task. Attack graphs have been proposed as a to...
Penetration testing (PT) is a method for assessing and evaluating the security of digital assets b...
Penetration testing is a well-established practical concept for the identification of potentially ex...
Penetration testing is a well-established practical concept for the identification of potentially ex...
abstract: Vulnerability testing/evaluation is a regular task for cyber-security groups. Conducting t...
Existing penetration testing approaches assess the vulnerability of a system by determining whether ...
We report on the results of applying classical planning techniques to the problem of analyzing compu...
Penetration Testing is a methodology for assessing network security, by generating and executing pos...
Penetration Testing is a methodology for assessing network security, by generating and executing pos...
International audiencePenetration Testing is a methodology for assessing network security, by genera...
As penetration testing frameworks have evolved and have become more complex, the problem of controll...
Penetration testing (pentesting) is a well established method for identifying security weaknesses, b...
Assessing network security is a complex and difficult task. Attack graphs have been proposed as a to...
Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the...
The penetration test has many repetitive operations and requires advanced expert knowledge, therefor...
Assessing network security is a complex and difficult task. Attack graphs have been proposed as a to...
Penetration testing (PT) is a method for assessing and evaluating the security of digital assets b...
Penetration testing is a well-established practical concept for the identification of potentially ex...
Penetration testing is a well-established practical concept for the identification of potentially ex...
abstract: Vulnerability testing/evaluation is a regular task for cyber-security groups. Conducting t...
Existing penetration testing approaches assess the vulnerability of a system by determining whether ...
We report on the results of applying classical planning techniques to the problem of analyzing compu...