Goal-Directed Systems Testing: Automated Execution of Intelligently Generated Cyber Attack Plans
Author(s)
Dorchuck, Samuel Joseph
Advisor
Shrobe, Howard
Abstract
Red teaming, in which a team of professional hackers emulates an adversary in order to attempt to penetrate a network, has emerged as a vital tool in the cybersecurity industry to identify deficiencies in network defenses. Yet, hiring or maintaining a red team requires a substantial investment of time and money, and frequently such penetration testing proves non-comprehensive [1]. The major contribution of this project is to develop the foundations of an end-to-end process to automate adversarial emulation of systematically generated attack plans. Dr. Howard Shrobe has developed an intelligent attack generation tool, AttackPlanner, that exhaustively enumerates possible attack paths by which an adversary could attempt to achieve a high-level goal [2]. Built around observed adversarial tactics, techniques, and procedures identified in the ATT&CK Matrix [3], MITRE’s CALDERA is a robust, automated, post-compromise adversary emulation framework that allows users to autonomously execute cyber attacks [4]. By coupling AttackPlanner with CALDERA, we have demonstrated the ability to autonomously execute intelligently generated cyber attack plans. With further work on this project, the ultimate product would provide an automated, goal-directed systems testing capability.
Date issued
2021-09
Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Publisher
Massachusetts Institute of Technology