Intellectualization of information and communication systems vulnerabilities validation process

Authors

  • Roman Kyrychok State University of Telecommunications, Ukraine

Abstract

The paper proposes a new approach to the intellectualization of information and communication systems vulnerabilities validation process during the active analysis of their security, the interconnection of the tasks of validating vulnerabilities, namely the tasks of verifying and confirming the possibility of implementing detected vulnerabilities through exploits and delivering the corresponding payload, with reinforcement learning is established.

References

J. Luan, J. Wang, M. Xue, “Automated Vulnerability Modeling and Verification for Penetration Testing Using Petri Nets”, ICCCS (2), pp. 71-82, 2016.

D. Wu, Y.-F. Lian, K. Chen, Y.-L. Liu, “A security threats identification and analysis method based on attack graph”, Jisuanji Xuebao (Chinese Journal of Computers), vol. 35, n. 9, pp. 1938–1950, 2012.

C. Sarraute, “Automated attack planning”, Ph.D.thesis, School of Engineering, Buenos Aires, Argentina, July 2nd, 2012.

R.S. Sutton, A.G. Barto, “Reinforcement Learning: An Introduction second edition”, The MIT Press, Cambridge, MA, 2018.

M. L. Tsetlin, “Automaton Theory and Modeling of Biological Systems”, Academic Press, New York, 1973.

CSITIC-2020

Downloads

Published

2020-04-23

Issue

2020: COMPUTER AND INFORMATION SYSTEMS AND TECHNOLOGIES

Section

RELIABILITY AND SAFETY ASSURANCE TECHNOLOGIES FOR COMPUTER AND INFORMATIONAL SYSTEMS