Table of Content

Open Access iconOpen Access

ARTICLE

crossmark

APU-D* Lite: Attack Planning under Uncertainty Based on D* Lite

by Tairan Hu, Tianyang Zhou, Yichao Zang, Qingxian Wang, Hang Li

1 State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, 450001, China.
2 School of Electrical Engineering and Telecommunications UNSW, Kensington, NSW 2033, Australia.

* Corresponding Author: Yichao Zang. Email: email.

Computers, Materials & Continua 2020, 65(2), 1795-1807. https://doi.org/10.32604/cmc.2020.011071

Abstract

With serious cybersecurity situations and frequent network attacks, the demands for automated pentests continue to increase, and the key issue lies in attack planning. Considering the limited viewpoint of the attacker, attack planning under uncertainty is more suitable and practical for pentesting than is the traditional planning approach, but it also poses some challenges. To address the efficiency problem in uncertainty planning, we propose the APU-D* Lite algorithm in this paper. First, the pentest framework is mapped to the planning problem with the Planning Domain Definition Language (PDDL). Next, we develop the pentest information graph to organize network information and assess relevant exploitation actions, which helps to simplify the problem scale. Then, the APUD* Lite algorithm is introduced based on the idea of incremental heuristic searching. This method plans for both hosts and actions, which meets the requirements of pentesting. With the pentest information graph as the input, the output is an alternating host and action sequence. In experiments, we use the attack success rate to represent the uncertainty level of the environment. The result shows that APU-D* Lite displays better reliability and efficiency than classical planning algorithms at different attack success rates.

Keywords


Cite This Article

APA Style
Hu, T., Zhou, T., Zang, Y., Wang, Q., Li, H. (2020). APU-D* lite: attack planning under uncertainty based on D* lite. Computers, Materials & Continua, 65(2), 1795-1807. https://doi.org/10.32604/cmc.2020.011071
Vancouver Style
Hu T, Zhou T, Zang Y, Wang Q, Li H. APU-D* lite: attack planning under uncertainty based on D* lite. Comput Mater Contin. 2020;65(2):1795-1807 https://doi.org/10.32604/cmc.2020.011071
IEEE Style
T. Hu, T. Zhou, Y. Zang, Q. Wang, and H. Li, “APU-D* Lite: Attack Planning under Uncertainty Based on D* Lite,” Comput. Mater. Contin., vol. 65, no. 2, pp. 1795-1807, 2020. https://doi.org/10.32604/cmc.2020.011071



cc Copyright © 2020 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2453

    View

  • 1379

    Download

  • 0

    Like

Related articles

Share Link