Perrone, Gaetano
(2021)
An Automated Approach to Offensive Security.
[Tesi di dottorato]
Item Type: |
Tesi di dottorato
|
Resource language: |
English |
Title: |
An Automated Approach to Offensive Security |
Creators: |
Creators | Email |
---|
Perrone, Gaetano | gaetano.perrone@unina.it |
|
Date: |
12 December 2021 |
Number of Pages: |
109 |
Institution: |
Università degli Studi di Napoli Federico II |
Department: |
Ingegneria Elettrica e delle Tecnologie dell'Informazione |
Dottorato: |
Information technology and electrical engineering |
Ciclo di dottorato: |
34 |
Coordinatore del Corso di dottorato: |
nome | email |
---|
Riccio, Daniele | daniele.riccio@unina.it |
|
Tutor: |
nome | email |
---|
Romano, Simon Pietro | UNSPECIFIED |
|
Date: |
12 December 2021 |
Number of Pages: |
109 |
Keywords: |
WebPT;Penetration Testing;Automation Offensive Security;cyber-range;security training; |
Settori scientifico-disciplinari del MIUR: |
Area 09 - Ingegneria industriale e dell'informazione > ING-INF/05 - Sistemi di elaborazione delle informazioni |
[error in script]
[error in script]
Date Deposited: |
31 Jan 2022 09:32 |
Last Modified: |
28 Feb 2024 11:41 |
URI: |
http://www.fedoa.unina.it/id/eprint/14296 |
Collection description
Cybersecurity is an increasingly important domain in Information Technology.
In a time when each device is connected, cyber threats evolve more and more. Companies need to be protected and to evaluate the potential threats to their systems. There are several approaches to find flaws inside the systems. A very effective one is to simulate the attacker’s activities to break inside the environment, obtain access to sensitive information, and compromise the internal network. This kind of activity is called Penetration Testing, and its effectiveness lies in the ability to discover the most critical vulnerabilities.
Despite its benefits, companies usually cannot meet their costs, as it requires advanced security experts. Our research work aims to integrate the
knowledge of security experts inside an automated system that emulates a Penetration Tester’s activities. To accomplish this, we bring three main research
contributions:
- We develop behavioural models of Penetration Testing activities;
- We develop a platform that integrates Behavioural Models and implements actions to send attacks;
- We develop several solutions in the so-called cyber-range domain to test our platform in realistic virtual environments.
Downloads per month over past year
Actions (login required)
|
View Item |