Theory of modern penetration testing expert system
نویسندگان
چکیده
منابع مشابه
Modern power system frequency response evaluation with virtual power plant penetration
New power systems based on VPP will be expanded in the future and analysis of the frequency behavior of these systems compared to current systems in the field of disruptions will be one of the most important issues of the system operators. In this paper, the equations of the frequency response model of conventional power system are expanded by considering the VPP's and their effective component...
متن کاملPenetration Testing
The TCB shall be found resistant to penetration. Near flawless penetration testing is a requirement for high-rated secure systems — those rated above B1 based on the Trusted Computer System Evaluation Criteria (TCSEC) and its Trusted Network and Database Interpretations (TNI and TDI). Unlike security functional testing, which demonstrates correct behavior of the product's advertised security co...
متن کاملQuantitative Penetration Testing with Item Response Theory (extended version)
Existing penetration testing approaches assess the vulnerability of a system by determining whether certain attack paths are possible in practice. Thus, penetration testing has so far been used as a qualitative research method. To enable quantitative approaches to security risk management, including decision support based on the cost-effectiveness of countermeasures, one needs quantitative meas...
متن کاملPenetration Testing == POMDP Solving?
Penetration Testing is a methodology for assessing network security, by generating and executing possible attacks. Doing so automatically allows for regular and systematic testing without a prohibitive amount of human labor. A key question then is how to generate the attacks. This is naturally formulated as a planning problem. Previous work (Lucangeli et al. 2010) used classical planning and he...
متن کاملCloud Penetration Testing
This paper presents the results of a series of penetration tests performed on the OpenStack Essex Cloud Management Software. Several different types of penetration tests were performed including network protocol and command line fuzzing, session hijacking and credential theft. Using these techniques exploitable vulnerabilities were discovered that could enable an attacker to gain access to rest...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Системи обробки інформації
سال: 2017
ISSN: 1681-7710,2518-1696
DOI: 10.30748/soi.2017.148.25