Full metadata
Title
Automated Vulnerability/Adversary Testing Using AI/ML Algorithms
Description
Vulnerability testing/evaluation is a regular task for cyber-security groups. Conducting tasks like this can take up a great amount of time and may not be perfect. Automating these tasks helps speed up the rate at which experts can test systems. However, script based or static programs that run automatically often do not have the versatility required to properly replace human analysis. With the advances in Artificial Intelligence and Machine Learning, a utility can be developed that would allow for the creation of penetration testing plans rather than manually testing vulnerabilities. A variety of existing cyber-security programs and utilities provide an API layer that commonly interacts with the Python environment. With the commonality of AI/ML tools within the Python ecosystem, a plugin like interface can be developed to feed any AI/ML program real world data and receive a response/report in return. Using Python 2.7+, Python 3.6+, pymdptoolbox, and POMDPy, a program was developed that ingests real-world data from scanning tools and returned a suggested course of action to be used by analysts in order to perform a practical validation of the algorithms in a real world setting. This program was able to successfully navigate a test network and produce results that were expected to be found on the target machines without needing human analysis of the network. Using POMDP based systems for more cyber-security type tasks may be a valuable use case for future developments and help ease the burden faced in a rapid paced world.
Date Created
2020-05
Contributors
- Belanger, Connor Lawrence (Author)
- Huang, Dijiang (Thesis director)
- Chowdhary, Ankur (Committee member)
- Computer Science and Engineering Program (Contributor)
- Barrett, The Honors College (Contributor)
Topical Subject
Resource Type
Extent
27 pages
Language
eng
Copyright Statement
In Copyright
Primary Member of
Series
Academic Year 2019-2020
Handle
https://hdl.handle.net/2286/R.I.56100
Level of coding
minimal
Cataloging Standards
System Created
- 2020-04-03 12:00:06
System Modified
- 2021-08-11 04:09:57
- 3 years 3 months ago
Additional Formats