Goal-Directed Systems Testing: Automated Execution of Intelligently Generated Cyber Attack Plans
Red teaming, in which a team of professional hackers emulate an adversary in order to attempt to penetrate a network, has emerged as a vital tool in the cybersecurity industry to identify deficiencies in network defenses. Yet, hiring or maintaining a red team requires a substantial investment of tim...
Main Author: | Dorchuck, Samuel Joseph |
---|---|
Other Authors: | Shrobe, Howard |
Format: | Thesis |
Published: | Massachusetts Institute of Technology 2022 |
Online Access: | https://hdl.handle.net/1721.1/139911 |
_version_ | 1811077923855138816 |
---|---|
author | Dorchuck, Samuel Joseph |
author2 | Shrobe, Howard |
author_facet | Shrobe, Howard Dorchuck, Samuel Joseph |
author_sort | Dorchuck, Samuel Joseph |
collection | MIT |
description | Red teaming, in which a team of professional hackers emulate an adversary in order to attempt to penetrate a network, has emerged as a vital tool in the cybersecurity industry to identify deficiencies in network defenses. Yet, hiring or maintaining a red team requires a substantial investment of time and money, and frequently such penetration testing proves non-comprehensive [1]. The major contribution of this project is to develop the foundations of an end-to-end process to automate adversarial emulation of systematically generated attack plans. Dr. Howard Shrobe has developed an intelligent attack generation tool, AttackPlanner, that exhaustively enumerates possible attack paths by which an adversary could attempt to achieve a high-level goal [2]. Built around observed adversarial tactics, techniques, and procedures identified in the ATT&CK Matrix [3], MITRE’s CALDERA is a robust automated, post-compromise, adversary emulation framework which allows users to autonomously execute cyber attacks [4]. By coupling AttackPlanner with CALDERA, we have demonstrated the ability to autonomously execute intelligently generated cyber attack plans. With further work on this project, the ultimate product would provide an automated, goal-directed systems testing capability. |
first_indexed | 2024-09-23T10:50:26Z |
format | Thesis |
id | mit-1721.1/139911 |
institution | Massachusetts Institute of Technology |
last_indexed | 2024-09-23T10:50:26Z |
publishDate | 2022 |
publisher | Massachusetts Institute of Technology |
record_format | dspace |
spelling | mit-1721.1/1399112022-02-08T03:48:08Z Goal-Directed Systems Testing: Automated Execution of Intelligently Generated Cyber Attack Plans Dorchuck, Samuel Joseph Shrobe, Howard Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Red teaming, in which a team of professional hackers emulate an adversary in order to attempt to penetrate a network, has emerged as a vital tool in the cybersecurity industry to identify deficiencies in network defenses. Yet, hiring or maintaining a red team requires a substantial investment of time and money, and frequently such penetration testing proves non-comprehensive [1]. The major contribution of this project is to develop the foundations of an end-to-end process to automate adversarial emulation of systematically generated attack plans. Dr. Howard Shrobe has developed an intelligent attack generation tool, AttackPlanner, that exhaustively enumerates possible attack paths by which an adversary could attempt to achieve a high-level goal [2]. Built around observed adversarial tactics, techniques, and procedures identified in the ATT&CK Matrix [3], MITRE’s CALDERA is a robust automated, post-compromise, adversary emulation framework which allows users to autonomously execute cyber attacks [4]. By coupling AttackPlanner with CALDERA, we have demonstrated the ability to autonomously execute intelligently generated cyber attack plans. With further work on this project, the ultimate product would provide an automated, goal-directed systems testing capability. M.Eng. 2022-02-07T15:12:12Z 2022-02-07T15:12:12Z 2021-09 2021-11-03T19:25:39.805Z Thesis https://hdl.handle.net/1721.1/139911 In Copyright - Educational Use Permitted Copyright MIT http://rightsstatements.org/page/InC-EDU/1.0/ application/pdf Massachusetts Institute of Technology |
title | Goal-Directed Systems Testing: Automated Execution of Intelligently Generated Cyber Attack Plans |
url | https://hdl.handle.net/1721.1/139911 |