Automation of Cyber Penetration Testing Using the Detect, Identify, Predict, React Intelligence Automation Model

Abstract

The design and implementation of a systems approach to a scalable, standardized automated cyber penetration testing system using the Detect, Identify, Predict, React (DIPR) intelligence automation model and data interoperability standards is the focus of this thesis. The system fuses information from multiple freeware programs that can be thought of as cyber sensors into an interoperable, robust whole in a manner that can tailor itself and learn over time. The groundwork is laid for an enduring system that can adapt to changing systems and vulnerabilities. A barebones proof-of-concept system is implemented and tested using NMap and Ettercap with the proposed DIPR XML file formats as the data intelligence automation standardization mechanism. By implementing this automated cyber penetration system, labor-intensive and costly cyber penetration testing can be simplified by reducing the amount of hand coding and manual testing.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2013
Accession Number
ADA590032

Entities

People

  • Kendra Deptula

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Artificial Intelligence
  • Automation
  • Command And Control
  • Computer Networks
  • Computer Programming
  • Computers
  • Control Systems
  • Cyberspace Operations
  • Database Management Systems
  • Denial Of Service Attack
  • Graphical User Interface
  • Information Systems
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Network Protocols
  • Operating Systems

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Software Engineering.
  • Systems Analysis and Design

Technology Areas

  • Cyber