Go to DBLP homepageA Multi-Agent Framework for Penetration Testing: Modelling and Analysing Using Abstract State Machines
Abstract: This paper proposes a novel multi-agent framework for penetration testing that aims to enable efficient and adaptive collaboration of specialised agents. This framework uses the Blackboard system for communication between Scout, Attack, and Analysis Agents. The combined efforts of these agents are aimed at assessing the security available on the networks, and a Decision-Making Agent (DMA) controls it all by making crucial decisions using collected information. This leads to a much better scalability and sophistication of security analyses, thus enhancing the penetration testing process. To guarantee the reliability and robustness of our framework, we use the Abstract State Machine (ASM) as a method to develop a formal model expressing this framework. The model developed is then validated and verified against some defined constraints and properties in order to demonstrate safety, free-deadlock, liveness, and reachability of the elaborated framework.
Loading