Using Coloured Petri Nets in Penetration Testing

Network penetration testing is a well-known approach used for security testing. Penetrating testing can be a laborious task which relies much on human knowledge and expertise, with various techniques employed, and an extensive amount of tools used in the process. A methodical approach to penetration testing is therefore recommended. The flaw hypothesis methodology, used in this thesis, represent one of the most used models for penetration testing and have great similarities in other penetration testing methodologies and standards used today. Petri nets represent a graph based mathematically sound modelling technique for concurrent systems, and provide a graphically intuitive approach for modelling, simulation and execution. A coloured Petri net is a high level Petri net that provides a significant increase in the expressiveness and compactness of Petri net models. The flaw hypothesis methodology used together with coloured Petri net attack models is presented in the thesis. The use of coloured Petri nets is described and analysed through case studies elucidating several properties of Petri net variants and their suitability to modelling attacks in penetration testing. Advantages of modelling attacks with coloured Petri nets have been explored and are described. Coloured Petri nets have been found to have many usefull mechanisms for modelling, analysing, and automatically executing penetration attempts, e.g. through their ability to model states, transitions, concurrency, and timing. The overall topic of the thesis is the technical aspects of penetration testing, what it is, and a methodical approach to it.