AI-Based Autonomous Security Assessment Tool
Description
As automation research into penetration testing has developed, several methods have been proposed as suitable control mechanisms for use in pentesting frameworks. These include Markov Decision Processes (MDPs), partially observable Markov Decision Processes (POMDPs), and POMDPs utilizing reinforcement learning. Since much work has been done automating other aspects of the pentesting process using exploit frameworks and scanning tools, this is the next focal point in this field. This paper shows a fully-integrated solution comprised of a POMDP-based planning algorithm, the Nessus scanning utility, and MITRE's CALDERA pentesting platform. These are linked in order to create an autonomous AI attack platform with scanning, planning, and attack capabilities.
Date Created
The date the item was original created (prior to any relationship with the ASU Digital Repositories.)
2020-05
Agent
- Author (aut): Dejarnett, Eric Andrew
- Thesis director: Huang, Dijiang
- Committee member: Chowdhary, Ankur
- Contributor (ctb): Computer Science and Engineering Program
- Contributor (ctb): Barrett, The Honors College