Ontology-based big data approach to automated penetration testing of large-scale heterogeneous systems

Abstract

Global corporations and government organizations are nowadays represented in cyberspace in the form of numerous large-scale heterogeneous information systems, which implement corresponding business, technological and other types of processes. This extends the set of security analysis tasks, stated for these infrastructures, and tangles already existing tasks. This paper addresses the challenge of increasing penetration testing automation level through the adoption of semi-automatic knowledge extraction from the huge amounts of heterogeneous regularly updated data. The proposed solution is based on the novel penetration testing ontology, which gives a holistic view on the results of security analysis. Designed ontology is evaluated within the penetration testing framework prototype and binds together the conceptual (process) abstraction level, addressed by security experts, and technical abstraction level, employed in modern security analysis tools and methods.