{"title":"利用深度学习构建汽车Web渗透测试","authors":"Jian Jiao, Haini Zhao, Hongsheng Cao","doi":"10.1145/3457682.3457691","DOIUrl":null,"url":null,"abstract":"Penetration test is an important means to test the security of the web system. It has been mainly carried out by tester manually. The main reason is that it is difficult to generate test path and code automatically because of the complex network environment. The traditional method for attack path can't give the code for the whole penetration process. The traditional penetration path is based on the correlation between vulnerabilities and lacks practical experience support. In this paper, we propose a method based on CNN, which can automatically produce the code of penetration test by training the data which originate from the real attack events. We further implement the system to verify it. In a real environment experiment, we have validated the system, and analyzed the feasibility and performance of the CNN technology for penetration tests.","PeriodicalId":142045,"journal":{"name":"2021 13th International Conference on Machine Learning and Computing","volume":"271 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-02-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Using Deep Learning to Construct Auto Web Penetration Test\",\"authors\":\"Jian Jiao, Haini Zhao, Hongsheng Cao\",\"doi\":\"10.1145/3457682.3457691\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Penetration test is an important means to test the security of the web system. It has been mainly carried out by tester manually. The main reason is that it is difficult to generate test path and code automatically because of the complex network environment. The traditional method for attack path can't give the code for the whole penetration process. The traditional penetration path is based on the correlation between vulnerabilities and lacks practical experience support. In this paper, we propose a method based on CNN, which can automatically produce the code of penetration test by training the data which originate from the real attack events. We further implement the system to verify it. In a real environment experiment, we have validated the system, and analyzed the feasibility and performance of the CNN technology for penetration tests.\",\"PeriodicalId\":142045,\"journal\":{\"name\":\"2021 13th International Conference on Machine Learning and Computing\",\"volume\":\"271 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-02-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 13th International Conference on Machine Learning and Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3457682.3457691\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 13th International Conference on Machine Learning and Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3457682.3457691","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Using Deep Learning to Construct Auto Web Penetration Test
Penetration test is an important means to test the security of the web system. It has been mainly carried out by tester manually. The main reason is that it is difficult to generate test path and code automatically because of the complex network environment. The traditional method for attack path can't give the code for the whole penetration process. The traditional penetration path is based on the correlation between vulnerabilities and lacks practical experience support. In this paper, we propose a method based on CNN, which can automatically produce the code of penetration test by training the data which originate from the real attack events. We further implement the system to verify it. In a real environment experiment, we have validated the system, and analyzed the feasibility and performance of the CNN technology for penetration tests.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
