CN115061910A - Semi-automatic safety testing method based on PDCA cycle - Google Patents


Publication number: CN115061910A
Authority: CN (China)
Application number: CN202210677006.7A
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 温泉, 王晓菲, 王芳鸣, 王斌, 曾颖明, 王亚洲, 张茜
Current Assignee: Beijing Institute of Computer Technology and Applications
Original Assignee: Beijing Institute of Computer Technology and Applications

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Preventing errors by testing or debugging software
    • G06F11/3668 Software testing
    • G06F11/3672 Test management
    • G06F11/3684 Test management for test design, e.g. generating new test cases
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Preventing errors by testing or debugging software
    • G06F11/3668 Software testing
    • G06F11/3672 Test management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/004 Artificial life, i.e. computing arrangements simulating life
    • G06N3/006 Artificial life, i.e. computing arrangements simulating life based on simulated virtual individual or collective life forms, e.g. social simulations or particle swarm optimisation [PSO]

Abstract

The invention relates to a semi-automatic security testing method based on the PDCA cycle, belonging to the technical field of network security. The invention designs a semi-automatic, iteratively upgraded security testing method built around the PDCA 'plan-design-check-correct' cycle and characterized by 'action planning, on-demand orchestration, optimized scheduling and execution feedback'. It achieves efficient security testing oriented to the test object, shields the differences among test tools in aspects such as input/output and execution interaction, and forms the capability to plan test tasks autonomously and drive their execution.

Description

Semi-automatic safety testing method based on PDCA cycle
Technical Field
The invention belongs to the technical field of network security, and particularly relates to a semi-automatic security testing method based on the PDCA cycle.
Background
The rapid development and wide application of information network technology have greatly advanced the digitalization, networking and modernization of China's key information infrastructure. The development and deployment of information systems of different grades and types, such as office systems, information networks and infrastructure, have brought informatization to important industries and fields such as energy, communications, transportation and public safety. These systems are interconnected through networks to form a systematic, networked information system, which continuously improves China's informatization and digitization capability and contributes to accelerating the construction of Digital China and the implementation of the cyber power strategy.
However, as network technology develops, the threat of network attacks grows day by day. According to the half-year network security situation analysis report for 2021 issued by the security center of the Ministry of Industry and Communications, the current network security situation is severe: the number of network attack incidents worldwide has increased markedly and large-scale data leaks keep emerging, creating serious hidden dangers for key information infrastructure. With the arrival of the digital era and the deepening interconnection of everything, criminals are also moving online at an accelerating pace, network attacks are becoming specialized, large-scale and industrialized, and the network security protection situation of information systems is increasingly severe. Globally, the world's major countries regard network security as a strategic focus of national security, have introduced various comprehensive network security policies, have set requirements for strengthening information security, data security, supply chain security and the like, and have set enforceable requirements for the network security capability of each industry.
To guarantee the continued safe and stable operation of China's increasingly developed information systems and key infrastructure, scientific security testing needs to be carried out continuously on key information infrastructure, so that the security defects in these systems are fully uncovered, their security defense capability is scientifically evaluated, and support is provided for eliminating those defects.
The core idea of security testing is to verify how secure the system is in relative terms and to raise the cost of compromising it. In terms of initiative, security tests can be divided into active defense inspection and penetration testing, which in turn include rule-based security scanning and manual penetration testing. Security testing depends on the experience of personnel and the support of test tools: the vulnerabilities of the target system are continuously and deeply explored and exploited so that the target is tested comprehensively.
Researching methods that raise the degree of automation of security testing, so as to make security testing more scientific, thorough and efficient, is important for the following reasons:
First, it raises the degree of intelligence of security testing, allows tool resources to be selected, invoked and driven autonomously, reduces dependence on personnel, improves security detection efficiency, and forms a fast and effective detection capability for computer and network information systems.
Second, an effective security testing technique can shield the differences between tools through efficient planning and driven execution of the tools. This avoids the adverse effect in which a wider range of test target objects brings more types of security test tools and multiplies the cost of test execution, supports a continuously growing range of test objects, and improves the detection capability of security testing.
To overcome the limitation that current penetration testing tools target only traditional computer networks, and to extend the detection range to target objects such as big data platforms, cloud platforms, video surveillance equipment and office automation equipment, the detection capability of the penetration testing platform needs to be improved, and new technologies and new means need to be added to keep pace with the continuous development of test objects.
Traditional security testing technology faces the following four limitations in how test tools are planned and selected, which reduce the efficiency of security testing and restrict the development of security testing work. First, test tools are currently selected mostly by pre-allocated static resource scheduling, and the selection of resources depends heavily on the experience of the tester. Second, because the execution result against the test object is uncertain, every stage of the test process needs dynamic adjustment; current selection methods mostly rely on repeated attempts and frequent trial and error with test tools, which increases resource overhead. Third, the randomness with which test resources and paths are determined makes the testing one-sided and unsystematic, so the comprehensiveness required of security testing is hard to achieve. Fourth, the massive body of security test resources differs greatly in resource form, mode of use, target object type, operating position, execution control mode, data interface and so on, which places higher demands on the experience of testers and makes optimizing and selecting test resources more difficult.
Disclosure of Invention
(I) Technical problem to be solved
The technical problem to be solved by the invention is: how to design a semi-automatic security testing method that achieves efficient security testing oriented to the test object, shields the differences among test tools in aspects such as input/output and execution interaction, and forms the capability to plan test tasks autonomously and drive their execution.
(II) Technical solution
In order to solve the technical problem, the invention provides a semi-automatic security testing method based on the PDCA cycle, which comprises the following steps:
step 1: planning: encapsulating and modeling the security test tools, and planning the matching correlation between test requirements, test behaviors and test tools, so as to construct a security testing knowledge graph;
step 2: designing: on the basis of the result of step 1, using an attack-pattern-based method for dynamically generating attack graphs to orchestrate and construct initial test paths, and connecting each test node on a test path to a test tool;
step 3: checking: optimizing the set of test paths planned in step 2 with an ant colony optimization algorithm, and screening out the optimal test tool sequence;
step 4: correction: feeding back adjustments to resource scheduling and to the path screening parameters according to changes in the actual state during testing, and continuously optimizing the test tool sequence.
Preferably, step 1 is specifically as follows:
step 1.1: modeling and encapsulating the test tools to form a test resource pool, which provides the basis for unified resource configuration, driving and automatic execution;
first, multi-dimensional attribute analysis is carried out on the test tool, and attributes are labeled in the dimensions of the physical domain, the logical domain and the state domain to obtain a test tool attribute description model;
the physical domain comprises the basic attributes, interface attributes, action conditions, action distance and parameter configuration attributes: the basic attributes describe the name, type, version/model and form of the tool resource; the interface attributes comprise information such as the interface name, interface type, transmitted data type and data format that the tool resource can provide; the action conditions comprise attribute information on elements such as the operating system platform the tool resource runs on, the supporting software it needs and the weaknesses it depends on; the action distance comprises the deployment position and communication mode of the tool when it acts on the target object; the parameter configuration attributes comprise the parameter configuration and policy configuration information of the resource;
the logical domain comprises the function, performance, effect and trace attributes: the function attribute describes the characteristics of the attack test behaviors the tool can carry out; the performance attribute describes the degree, efficiency, accuracy and so on with which the tool performs a function; the action effect refers to the effect achieved when the tool acts on the target object; the action trace refers to the traces the tool generates when it performs a function on the target object;
the state domain comprises the idle state, in-use state, fault state, reservation state and test time attributes: the idle state describes that the tool is currently available; the fault state describes that the tool is currently faulty and cannot be called; the in-use state indicates that the tool is currently being used; the reservation state describes that the tool is reserved for use at a future time; the test time describes the time the tool needs to perform the current task;
on the basis of the test tool attribute description model, a four-element {object, attribute, relation, state} description model is constructed, shielding the differences between test resources;
further, in order to manage and control the test tools in a unified way, an interface-based encapsulation design is applied to the test tools: the tool interaction interface, the management and control interface, the engine driving interface and the data acquisition interface are uniformly constrained, giving a modeled definition of how test resources are driven, executed and interacted with. The tool interaction interface implements input and output interaction between running test tools; the management and control interface implements the management and control functions between the test tool and the execution platform; the engine driving interface implements execution control of the test tool; the data acquisition interface collects result data and tool execution state data while the test tool executes;
step 1.2: extracting knowledge of the basic links of security testing, and establishing a security testing knowledge graph;
based on the modeling of security test tool attributes in step 1.1, the security test requirements, operation behaviors and tool attributes are analyzed and summarized, the association rules between test requirements and test behaviors and between test behaviors and test tools are extracted, multi-dimensional mapping matrices between test requirements and test behaviors and between test behaviors and test tools are then constructed, and a security testing knowledge graph is formed through a heterogeneous protocol.
Preferably, in step 1, the security testing knowledge graph is established as follows: construction starts from the original data of the three dimensions of test requirements, test behaviors and test tools; knowledge elements are extracted from the original data and stored in the data layer and the schema layer of a knowledge base; on this basis the graph is built iteratively, and its construction is completed by cycling repeatedly through the three stages of information extraction, knowledge fusion and knowledge processing.
Preferably, in step 1, security test knowledge is further queried using the semantic search function of the knowledge graph: keywords describing security test tools and test effects are parsed and reasoned over and then mapped to one concept or a group of concepts in the knowledge graph, and, following the concept hierarchy in the knowledge graph, a knowledge network centered on the queried entity is returned to assist in test scheme design and task planning.
Preferably, step 2 is specifically:
step 2.1: constructing a test pattern model;
a test pattern is described by the quintuple <Name, VulnerabilitySet, Pre, Effect, QuantifiedSet>, wherein Name is the name of the test pattern; VulnerabilitySet is the set of vulnerabilities the test pattern exploits; Pre is the precondition of the test pattern; Effect is the attack effect of the test pattern; QuantifiedSet is the set of extended quantitative attributes of the test pattern. By the nature of testing, the exploitation preconditions of a test pattern are related only by AND, never by OR, and the same holds for its exploitation consequences;
step 2.2: attack graph construction based on step 2.1
The attack graph is constructed by matching tools against the attack surface and weaknesses of the target network and the test patterns, so that each test pattern can be instantiated as an atomic test action; the test path is then extended forward by linking the effect of one atomic test action to the precondition of the adjacent one on the test path, which completes the construction of the test path sequences and of the attack graph;
step 2.3: test path planning based on the attack graph
Based on the attack graph constructed in step 2.2, the paths corresponding to the attack graph, i.e. the set of test paths, are computed with a path traversal algorithm for directed graphs. Through the construction of the attack graph, the analysis of the test object's exposed surface and weak points, the matching of test resources, and the linking of test preconditions and effects together form the test path plan. All test paths are fully traversed under the guidance of the knowledge graph constructed in step 1, which ensures that the test tool sequences are enumerated comprehensively; a success probability is calculated for each tool sequence under the guidance of the knowledge graph of step 1 and is used as the input to the optimization and adjustment in step 3.
Preferably, in step 2.2, the meaning of the vertices of the attack graph is extended to include the test tool and the test effect, and the meaning of the edges of the attack graph is extended to include the probability of successful test execution, the test execution time or the test efficiency.
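Steps 2.1 to 2.3 can be illustrated with the following added example, which is not code from the patent: test patterns are held as the quintuple, instantiated against a target's weaknesses, linked into an attack graph through Pre/Effect, and traversed to list test paths with a success probability. The pattern names, weakness labels, tool names, probabilities and the `p_success`/`tool` keys of the quantified set are all constructed assumptions.

```python
from dataclasses import dataclass


@dataclass
class Pattern:
    """<Name, VulnerabilitySet, Pre, Effect, QuantifiedSet> from step 2.1."""
    name: str
    vulnerability_set: frozenset  # weaknesses the pattern relies on
    pre: frozenset                # preconditions; ALL must hold (AND only)
    effect: frozenset             # conditions established on success
    quantified: dict              # assumed keys: "tool", "p_success"


def pattern(name, vulns, pre, effect, tool, p_success):
    return Pattern(name, frozenset(vulns), frozenset(pre), frozenset(effect),
                   {"tool": tool, "p_success": p_success})


# Constructed sample patterns; every name and number here is illustrative.
PATTERNS = [
    pattern("port_scan", [], ["network_reachable"], ["service_list"], "scanner", 0.9),
    pattern("service_fingerprint", [], ["service_list"], ["cms_version_known"], "fingerprinter", 0.8),
    pattern("weak_credential_check", ["weak_password"], ["service_list"], ["admin_session"], "cred-auditor", 0.5),
    pattern("cms_version_check", ["outdated_cms"], ["cms_version_known"], ["admin_session"], "cms-checker", 0.75),
    pattern("config_audit", [], ["admin_session", "service_list"], ["config_findings"], "config-auditor", 0.8),
    pattern("file_share_check", ["unsigned_file_share"], ["service_list"], ["share_listing"], "share-checker", 0.6),
]


def instantiate(patterns, target_weaknesses):
    """Step 2.2: a pattern becomes an atomic test action only if the target
    exposes every weakness in its VulnerabilitySet."""
    return [p for p in patterns if p.vulnerability_set <= target_weaknesses]


def build_attack_graph(actions):
    """Edge a -> b when an effect of a feeds the precondition of b."""
    return {a.name: [b.name for b in actions if b is not a and a.effect & b.pre]
            for a in actions}


def plan_test_paths(patterns, target_weaknesses, initial, goal):
    """Step 2.3: depth-first traversal of the directed attack graph."""
    actions = {a.name: a for a in instantiate(patterns, frozenset(target_weaknesses))}
    graph = build_attack_graph(list(actions.values()))
    paths = []

    def extend(name, state, seq, prob):
        action = actions[name]
        if name in seq or not action.pre <= state:  # AND: every precondition
            return
        state = state | action.effect
        seq = seq + [name]
        prob = prob * action.quantified["p_success"]
        if goal in state:
            paths.append({"patterns": seq,
                          "tools": [actions[n].quantified["tool"] for n in seq],
                          "p_success": prob})
            return
        for nxt in graph[name]:
            extend(nxt, state, seq, prob)

    for name in actions:
        extend(name, frozenset(initial), [], 1.0)
    return sorted(paths, key=lambda p: p["p_success"], reverse=True)


if __name__ == "__main__":
    for path in plan_test_paths(PATTERNS, {"weak_password", "outdated_cms"},
                                {"network_reachable"}, "config_findings"):
        print(path)
```

The sorted path list, with its tool sequences and probabilities, is the kind of input step 3 then optimizes.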
Preferably, step 3 is specifically:
step 3.1: suppose the test tool sequence has y test nodes and there are x candidate test tools to be allocated. Finding the optimal allocation is abstracted, borrowing from the ant colony algorithm, as the problem of placing x ants on y vertices and selecting the optimal path. The set of test tools is expressed as $T = \{T_1, T_2, T_3, \ldots, T_x\}$, where $T_i$ represents the i-th test tool, and the set of test nodes is $V = \{V_1, V_2, V_3, \ldots, V_y\}$, where $V_j$ represents the j-th test node;
each test tool is executed on one test node, and the mapping between test tools and test node resources is represented by the following matrix:
Figure BDA0003695160670000071
in the matrix, $r_{ij}$ indicates that test tool $T_i$ is assigned to test node $V_j$ for execution;
selecting test tools first requires determining a reasonable allocation between test tools and test nodes; the completion time of the selected test tools and the load balance of the test nodes are the indexes for judging whether the allocation is reasonable and whether the tool chain is effective. The total execution time of a test tool sequence is:
Figure BDA0003695160670000072
wherein $e_{ij} = \mathit{Length}_i / \mathit{Mips}_j$ represents the execution time of test tool $T_i$ on test node resource $V_j$;
the pheromone concentration update formulas of the ant colony algorithm are improved as follows: the local pheromone update formula becomes $\Delta\tau_{ij}(t) = D / \mathit{time}_{ij}$ and the global pheromone update formula becomes $\Delta\tau'_{ij}(t) = D / \mathit{besttime}_{ij}$, where $D$ is a constant, $\mathit{time}_{ij}$ is the completion time of test node $V_j$ executing test tool $T_i$, and $\mathit{besttime}_{ij}$ is the shortest completion time of test node $V_j$ executing test tool $T_i$;
based on the improved ant colony algorithm, the selection is adjusted dynamically at each test tool selection stage according to the current conditions, a better tool is selected, and the result is recorded. If a test tool sequence can complete the test work, the sequence is recorded; if it is unsuccessful, it is not recorded, the ant returns to the source point along the original path, the path is destroyed, and the pheromones are updated with the improved $\Delta\tau_{ij}(t)$. The ants then start from the source point again and continue searching for and constructing test tool sequences. Once the optimal test tool sequence has been constructed it is recorded, and the improved ant colony algorithm continues to be called to construct test tool sequences; when the same test tool sequence appears again, the ant backtracks along the sequence and the test tool selection at the last step of the sequence is marked as polluted, so that an optimal test tool chain is constructed from the remaining solution space and full coverage of the test paths is achieved;
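The allocation search of step 3.1 is sketched below as an added example, not the patent's own code, using $e_{ij} = \mathit{Length}_i / \mathit{Mips}_j$ and the two pheromone increments $D/\mathit{time}_{ij}$ and $D/\mathit{besttime}_{ij}$. Because the total-execution-time formula survives on this page only as a figure reference, the sketch assumes the objective is the largest per-node load; the evaporation rate `rho`, the exponent `beta`, reading $\mathit{besttime}_{ij}$ as the completion time in the best sequence found so far, and the sample workloads are also assumptions.

```python
import random

# Constructed sample data: tool workloads (Length_i) and node speeds (Mips_j).
LENGTH = [400, 250, 900, 120, 600]
MIPS = [100, 250, 500]


def exec_times(length, mips):
    """e[i][j] = Length_i / Mips_j, the run time of tool T_i on node V_j."""
    return [[l / m for m in mips] for l in length]


def finish_times(assign, e, y):
    """Completion time of every tool when each node runs its tools in index
    order, plus the resulting total time (assumed: the largest node load)."""
    load, done = [0.0] * y, []
    for i, j in enumerate(assign):
        load[j] += e[i][j]
        done.append(load[j])
    return done, max(load)


def aco_assign(length, mips, ants=8, iters=40, rho=0.2, D=1.0, beta=2.0, seed=1):
    """Return (assignment, total_time, best-so-far history per iteration).
    assignment[i] = j means r_ij is set: tool T_i runs on node V_j."""
    rng = random.Random(seed)           # fixed seed keeps runs reproducible
    x, y = len(length), len(mips)
    e = exec_times(length, mips)
    tau = [[1.0] * y for _ in range(x)]  # pheromone on each (tool, node) pair
    best, best_time, history = None, float("inf"), []
    for _ in range(iters):
        for _ in range(ants):
            load, assign = [0.0] * y, []
            for i in range(x):
                # Desirability: pheromone times inverse completion time on V_j.
                weights = [tau[i][j] * (1.0 / (load[j] + e[i][j])) ** beta
                           for j in range(y)]
                j = rng.choices(range(y), weights=weights)[0]
                load[j] += e[i][j]
                assign.append(j)
                # Local update: delta tau_ij = D / time_ij.
                tau[i][j] = (1 - rho) * tau[i][j] + D / load[j]
            if max(load) < best_time:
                best, best_time = assign, max(load)
        # Global update along the best sequence: delta tau'_ij = D / besttime_ij.
        done, _ = finish_times(best, e, y)
        for i, j in enumerate(best):
            tau[i][j] = (1 - rho) * tau[i][j] + D / done[i]
        history.append(best_time)
    return best, best_time, history


if __name__ == "__main__":
    assignment, total, _ = aco_assign(LENGTH, MIPS)
    print("tool -> node:", assignment, "total time:", round(total, 3))
```

The sketch covers only the time-driven pheromone updates; the recording of failed sequences and the marking of repeated sequences described above are left out.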
step 3.2: performing load balancing selection on the test tool by a weighted polling method;
the execution state of a test tool is treated as its performance, so selecting a test tool means selecting the best-performing tool from the set of candidate tools of the required type. Weights are assigned to each test tool, comprising two load balancing weights, weight and effective_weight. weight is the initial weight of the test tool and stays fixed once assigned; it is assigned by comprehensively evaluating the execution time $e_{ij}$ of the test tool calculated in step 3.1 and the precondition Pre of the test pattern defined in step 2.1. effective_weight is the effective weight of the test tool and is initialized to weight. The effective weight is reduced after the test tool is selected and enters the calling state, and is also reduced if the test tool enters the fault state; after the test tool is released or the fault is cleared, the effective weight gradually increases until it recovers to weight. Load-balanced tool selection picks from the test tool set the tool with the highest effective_weight value, which is the test tool selection result for the current test node.
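The weight bookkeeping of step 3.2 is shown in the following added example, which is not code from the patent: each tool carries a fixed `weight` and a changing `effective_weight`, selection takes the highest effective weight, calls and faults lower it, and release lets it climb back to `weight`. The penalty sizes, the recovery step, the exclusion of faulted tools from selection and the tool names are assumptions; the initial weights are taken as given rather than derived from $e_{ij}$ and Pre.

```python
from dataclasses import dataclass


@dataclass
class Tool:
    name: str
    weight: int                 # initial weight, fixed once assigned
    effective_weight: int = -1  # starts equal to weight
    state: str = "idle"         # idle | in_use | fault

    def __post_init__(self):
        if self.effective_weight < 0:
            self.effective_weight = self.weight


class ToolSelector:
    """Weighted selection over one set of candidate tools of the same type."""

    def __init__(self, tools, call_penalty=3, fault_penalty=5, recover_step=1):
        self.tools = {t.name: t for t in tools}
        self.call_penalty = call_penalty    # assumed size of the reduction
        self.fault_penalty = fault_penalty  # assumed size of the reduction
        self.recover_step = recover_step    # assumed recovery per round

    def tick(self):
        """One scheduling round: idle tools recover gradually, capped at weight."""
        for t in self.tools.values():
            if t.state == "idle":
                t.effective_weight = min(t.weight,
                                         t.effective_weight + self.recover_step)

    def select(self):
        """Pick the tool with the highest effective_weight for the current node.
        Faulted tools cannot be called, so they are skipped (assumption drawn
        from the fault-state description in the tool model)."""
        self.tick()
        candidates = [t for t in self.tools.values() if t.state != "fault"]
        if not candidates:
            return None
        chosen = max(candidates, key=lambda t: t.effective_weight)
        chosen.state = "in_use"
        chosen.effective_weight = max(0, chosen.effective_weight - self.call_penalty)
        return chosen.name

    def report_fault(self, name):
        tool = self.tools[name]
        tool.state = "fault"
        tool.effective_weight = max(0, tool.effective_weight - self.fault_penalty)

    def release(self, name):
        """Tool released or fault cleared: it becomes idle and starts recovering."""
        self.tools[name].state = "idle"


def demo():
    # Constructed tool names and weights.
    sel = ToolSelector([Tool("scanner-a", 5), Tool("scanner-b", 4), Tool("scanner-c", 2)])
    picks = [sel.select(), sel.select()]
    sel.report_fault("scanner-b")
    sel.release("scanner-a")
    picks += [sel.select(), sel.select()]
    sel.release("scanner-b")
    recovery = []
    for _ in range(6):
        sel.tick()
        recovery.append(sel.tools["scanner-b"].effective_weight)
    return picks, recovery


if __name__ == "__main__":
    print(demo())
```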
Preferably, step 4 is as follows: according to the dynamic changes of test information during testing, the test effect and the test path feedback are dynamically optimized and adjusted, and the adjustment result is used to dynamically update the matching correlation between test requirements, test behaviors and test tools in step 1, the attack graph in step 2, the two ant colony pheromone concentrations in step 3 and the load balancing weights in step 3. This forms a feedback mechanism that improves the operation of steps 1 to 3 and optimizes and improves the planning scheme for the next test tool.
The invention also provides a system for realizing the method.
The invention also provides an application of the method in the technical field of network security.
(III) Advantageous effects
Compared with the prior art, the invention has the following advantages:
(1) With the expansion of test target types, the types and number of test tools multiply, and different tools differ considerably in how they are driven and executed.
(2) By applying technologies such as attack graphs and ant colony algorithms, intelligence is built into the tool execution process; compared with current tool selection and execution methods, which rely mainly on static selection and manual trial, the method is more efficient and raises the degree of automation of security testing.
Drawings
FIG. 1 is a flow chart of a PDCA cycle-based security testing method designed by the present invention;
FIG. 2 is a model of the test tool attribute description according to the present invention.
Detailed Description
In order to make the objects, contents and advantages of the present invention clearer, the following detailed description of the embodiments of the present invention will be made in conjunction with the accompanying drawings and examples.
The invention provides a semi-automatic security testing method based on the PDCA cycle. It is a semi-automatic, iteratively upgraded security testing method built around the PDCA 'plan-design-check-correct' cycle and designed around 'action planning, on-demand orchestration, optimized scheduling and execution feedback'. It achieves efficient security testing oriented to the test object, shields the differences among test tools in aspects such as input/output and execution interaction, and forms the capability to plan test tasks autonomously and drive their execution.
In security testing, a tester studies the vulnerabilities of the information system under test, selects a series of suitable tools, combines them in order into a security test tool sequence, and fulfils specific test requirements by executing the tools. The selection of test tools involves matching: the capability of a tool must match the test requirement and the vulnerability of the test target. Test tools are also related and dependent in how they are called and executed: the running of a later tool in the execution sequence depends to some extent on the execution result of an earlier tool. The key to improving the accuracy and efficiency of security testing is to improve the matching between tools and planned requirements and the degree of automation of the tool execution sequence.
To this end, the technical solution adopted by the invention borrows the idea of the PDCA cycle and abstracts the security testing process into four stages: it makes an action plan by matching and associating test tools with test requirements, orchestrates an initial test tool sequence on demand, screens out the optimal sequence set through optimized scheduling, and monitors the test process and feeds back the execution state of the tools. Through this spiral, iterative design, the degree of automation of tool matching and sequence construction is continuously improved, and security testing becomes more efficient.
Further, referring to fig. 1, the core of the semi-automatic security testing method based on the PDCA cycle is the semi-automatic test tool sequence, and the method specifically includes the following steps:
Step 1: planning: the security test tools are encapsulated and modeled, and the pairwise matching correlation between test requirements, test behaviors and test tools is planned, thereby constructing a security testing knowledge graph.
This step corresponds to the P (Plan) stage of the PDCA cycle; it aims to clarify the test target and establish the final state that fulfils the test requirement. The specific steps are as follows:
Step 1.1: the test tools are modeled and encapsulated to form a test resource pool, which provides the basis for unified resource configuration, driving and automatic execution.
The core of modeling a test tool is its attributes. Multi-dimensional attribute analysis is first carried out on the test tool, and attributes are labeled in dimensions such as the physical domain, the logical domain and the state domain, giving the test tool attribute description model shown in fig. 2.
The physical domain comprises attributes such as the basic attributes, interface attributes, action conditions, action distance and parameter configuration: the basic attributes describe the name, type, version/model, form and other basic properties of the tool resource; the interface attributes mainly refer to information such as the interface name, interface type, transmitted data type and data format that the tool resource can provide; the action conditions mainly refer to attribute information on elements such as the operating system platform the tool resource runs on, the supporting software it needs and the weaknesses it depends on; the action distance mainly refers to the deployment position and communication mode of the tool when it acts on a target object, such as remote, near, wired or wireless; the parameter configuration attributes mainly refer to the parameter configuration, policy configuration and similar information of the resource.
The logical domain comprises attributes such as function, performance, effect and trace: the function attribute describes the characteristics of the attack test behaviors the tool can carry out, such as port scanning and sniffing; the performance attribute describes characteristics such as the degree, efficiency and accuracy with which the tool completes a function; the action effect refers to the effect of the tool acting on the target object, such as denial of service, system error or password theft; the action trace refers to the traces the tool generates when it performs a function on the target object, such as logs, traffic records and IDS records.
The state domain comprises attributes such as the idle state, in-use state, fault state, reservation state and test time: the idle state describes that the tool is currently available; the fault state describes that the tool is currently faulty and cannot be called; the in-use state indicates that the tool is currently being used; the reservation state describes that the tool is reserved for use at some future time; the test time describes the time the tool needs to complete the current task.
On the basis of the test tool attribute description model, a four-element {object, attribute, relation, state} description model is constructed, shielding the differences between test resources.
Then, in order to manage and control the test tools in a unified way, an interface-based encapsulation design is applied to the test tools: the tool interaction interface, the management and control interface, the engine driving interface, the data acquisition interface and so on are uniformly constrained, giving a model definition of how test resources are driven, executed and interacted with. The tool interaction interface implements input and output interaction between running test tools; the management and control interface implements the management and control functions between the test tool and the execution platform, including configuration management and state reporting; the engine driving interface implements execution control of the test tool, including instruction execution and tool start and stop; the data acquisition interface collects result data, tool execution state and other data while the test tool executes.
Step 1.2: extract knowledge of the basic links of security testing and establish a security testing knowledge graph.
Based on the attribute modeling of the security testing tools in step 1.1, the security testing requirements, operation behaviors, tool attributes and so on are analyzed and summarized; combined with the experience of security testing experts, association rules between test requirements and test behaviors and between test behaviors and test tools are extracted; multidimensional mapping matrices between requirements and behaviors and between requirements and test tools are then constructed, and a security testing knowledge graph is formed through heterogeneous protocols, laying the "planning" foundation for the automatic construction of security test tool sequences.
The process of establishing the security testing knowledge graph is briefly described below. Construction starts from raw data in three dimensions (test requirements, test behaviors and test tools); knowledge elements are extracted from the raw data and stored in the data layer and schema layer of the knowledge base. Construction then proceeds iteratively on this basis, cycling through the three stages of information extraction, knowledge fusion and knowledge processing until the knowledge graph is complete.
Based on the semantic search function of the knowledge graph, security testing knowledge queries are run against it: keywords such as security testing tools and test effects are parsed and reasoned over and then mapped to one concept or a group of concepts in the knowledge graph; then, following the concept hierarchy of the graph, a knowledge network centered on the queried entity is returned to assist test scheme design and task planning.
The rationality of test tool selection is measured comprehensively from factors such as how well the test tool matches the test requirement, the completion time and efficiency of the test tool, and the load-balanced distribution of test tools. The following steps address the matching of test tools to test requirements in step 2, and the time, efficiency and load balancing of test tools in step 3.
Step 2: Design: on the basis of the results of step 1, a test path is preliminarily compiled and constructed using the attack-pattern-based dynamic attack graph generation method, and each test node on the test path is connected to a test tool.
This step corresponds to the D (Do) phase of the PDCA cycle; its purpose is to carry out the preliminary plan and complete the matching of test tools to test requirements.
Step 2.1: construct the test mode model. A test mode is described by the quintuple <Name, VulnerabilitySet, Pre, Effect, QuantifiedSet>, where Name is the name of the test mode; VulnerabilitySet is the set of vulnerabilities the test mode exploits; Pre is the precondition of the test mode; Effect is the attack effect of the test mode; and QuantifiedSet is the set of extended quantitative attributes of the test mode. By the nature of testing, the exploitation preconditions and exploitation consequences of a test mode may be related only by AND, never by OR.
Step 2.2: construct an attack graph based on step 2.1.
The test mode is the prerequisite for constructing the attack graph. Constructing the attack graph mainly consists of matching tools against the target network's attack surface and weaknesses and against the test modes, so that each test mode can be instantiated as an atomic test action; the test path is then extended forward by linking the precondition and effect of two adjacent atomic test actions on the path, which completes the construction of the test path sequence and the attack graph.
The invention improves on the existing directed attack graph. In the current attack graph concept, vertices are labeled with network security elements such as target hosts, services, vulnerabilities and privileges, and can represent states such as a node being compromised or a privilege being obtained, while edges represent attack actions. On this basis, and drawing on the knowledge graph constructed in step 1, the meaning of a vertex is extended with content such as test tools and test effects, and the meaning of an edge is extended with content such as the probability of successful test execution and the test execution time or test efficiency.
Step 2.3: plan test paths based on the attack graph. Based on the attack graph constructed in step 2.2, the paths through the attack graph are computed with a directed-graph path traversal algorithm; these paths are the set of test paths. Constructing the attack graph provides the analysis of the test object's exposed surface and weak points, the matching of test resources, and the linking of test preconditions and effects, which together form the test path plan; under the guidance of the knowledge graph constructed in step 1, all test paths are fully traversed to ensure that the test tool sequences are enumerated comprehensively. A success probability is calculated for each tool sequence under the guidance of the knowledge graph of step 1 and serves as input to the optimization in the subsequent steps.
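Steps 2.1 to 2.3 can be sketched as follows. This is an added example, not code from the patent: the condition, weakness and tool names and all numbers are constructed, QuantifiedSet is assumed to carry the tool, success probability and time, and multiplying per-step probabilities is an assumption (the patent only says the probability is derived with the help of the knowledge graph).

```python
from dataclasses import dataclass
from math import prod


@dataclass(frozen=True)
class Pattern:
    """Test mode quintuple <Name, VulnerabilitySet, Pre, Effect, QuantifiedSet>."""
    name: str
    vulnerability_set: frozenset  # weaknesses the mode relies on
    pre: frozenset                # preconditions; ALL must hold (AND only, no OR)
    effect: frozenset             # conditions that hold after a successful test
    quantified_set: dict          # assumed content: tool, p_success, time


# Constructed sample data; every name below is hypothetical.
PATTERNS = [
    Pattern("service-discovery", frozenset(), frozenset({"reach_dmz"}),
            frozenset({"service_known"}),
            {"tool": "scanner", "p_success": 0.95, "time": 5}),
    Pattern("weak-credential-check", frozenset({"W-weak-password"}),
            frozenset({"service_known"}), frozenset({"user_on_host"}),
            {"tool": "credential-auditor", "p_success": 0.6, "time": 30}),
    Pattern("unpatched-service-check", frozenset({"W-unpatched-service"}),
            frozenset({"service_known"}), frozenset({"user_on_host"}),
            {"tool": "service-verifier", "p_success": 0.8, "time": 10}),
    Pattern("default-config-check", frozenset({"W-default-config"}),
            frozenset({"service_known"}), frozenset({"user_on_host"}),
            {"tool": "config-auditor", "p_success": 0.9, "time": 5}),
    Pattern("reachability-check", frozenset(), frozenset({"user_on_host"}),
            frozenset({"reach_internal"}),
            {"tool": "route-prober", "p_success": 0.9, "time": 5}),
]
TARGET_WEAKNESSES = {"W-weak-password", "W-unpatched-service"}
INITIAL = {"reach_dmz"}
GOAL = {"reach_internal"}


def instantiate(patterns, target_weaknesses):
    """Step 2.2: a mode becomes an atomic test action only if every weakness
    it relies on was observed on the target."""
    return [p for p in patterns if p.vulnerability_set <= target_weaknesses]


def plan_paths(actions, initial, goal):
    """Step 2.3: depth-first traversal that chains actions whose Pre is
    satisfied by the Effects accumulated so far."""
    goal = frozenset(goal)
    paths = []

    def extend(state, path):
        if goal <= state:
            paths.append(path)
            return
        for action in actions:
            # Require new effects, so the state grows and recursion terminates.
            if action.pre <= state and not action.effect <= state:
                extend(state | action.effect, path + [action])

    extend(frozenset(initial), [])
    return paths


def score(path):
    """Edge annotations: success probability and execution time of a sequence."""
    return {
        "patterns": [a.name for a in path],
        "tools": [a.quantified_set["tool"] for a in path],
        "p_success": prod(a.quantified_set["p_success"] for a in path),
        "time": sum(a.quantified_set["time"] for a in path),
    }


def ranked_plans(patterns, target_weaknesses, initial, goal):
    actions = instantiate(patterns, frozenset(target_weaknesses))
    plans = [score(p) for p in plan_paths(actions, initial, goal)]
    return sorted(plans, key=lambda s: s["p_success"], reverse=True)


if __name__ == "__main__":
    for plan in ranked_plans(PATTERNS, TARGET_WEAKNESSES, INITIAL, GOAL):
        print(plan)
```

The ranked list is the input that step 3 would then optimize and schedule.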
Step 3: Check: the test path set planned in step 2 is optimized using an ant colony optimization algorithm, and the optimal test tool sequence is screened out and scheduled.
This step corresponds to the C (Check) phase of the PDCA cycle; its purpose is to observe how execution proceeds and to optimize and screen the test tool sequences so that they develop toward the optimum.
Step 3.1: introduce the ant colony algorithm to optimize and schedule the execution efficiency of test tool sequences. The ant colony algorithm helps solve complex optimization problems and supports combinatorial problems; the invention applies it to the selection of test tool sequences during security testing and screens out the globally optimal test tool sequence from the test path set planned in step 2.
Suppose the test tool sequence has y test nodes and x candidate test tools to be allocated. Finding the optimal allocation can then be abstracted, by analogy with the ant colony algorithm, as the problem of placing x ants on y vertices and selecting the optimal path. Under this idea, the test tool sequence (set) is represented as $T = \{T_1, T_2, T_3, \ldots, T_x\}$, where $T_i$ denotes the i-th test tool, and the test node set as $V = \{V_1, V_2, V_3, \ldots, V_y\}$, where $V_j$ denotes the j-th test node.
Each test tool is executed on one test node, and the mapping between test tools and test node resources is represented by the following matrix:
Figure BDA0003695160670000151
In the matrix, $r_{ij}$ indicates that test tool $T_i$ is assigned to test node $V_j$ for execution.
Selecting test tools first requires determining a reasonable allocation between test tools and test nodes; the completion time of the selected test tools and the degree of load balancing across test nodes are important indicators of whether the test tools are reasonable and the tool chain is effective. The total execution time of a test tool sequence is:
Figure BDA0003695160670000161
where $e_{ij} = Length_i / Mips_j$ is the execution time of test tool $T_i$ on test node resource $V_j$.
To improve the execution efficiency of the selected test tools, the pheromone concentration update formulas of the ant colony algorithm are improved: the local pheromone update formula becomes $\Delta\tau_{ij}(t) = D / time_{ij}$ and the global pheromone update formula becomes $\Delta\tau'_{ij}(t) = D / besttime_{ij}$, where D is a constant, $time_{ij}$ is the completion time of test node $V_j$ executing test tool $T_i$, and $besttime_{ij}$ is the shortest completion time of test node $V_j$ executing test tool $T_i$.
The ant colony algorithm is introduced and improved so that it can adjust dynamically at each test tool selection stage, select a better tool and record the result. If a test tool sequence can complete the test work, it is recorded; if it is unsuccessful, it is not recorded: the ant returns along the original path to the source point (it has a memory function), the path is destroyed, the pheromone is updated based on the improved $\Delta\tau_{ij}(t)$, and the ant sets out from the source point again to continue searching for and constructing a test tool sequence. After an optimal test tool sequence has been constructed, it is recorded and the improved ant colony algorithm continues to be called to construct test tool sequences; when the same test tool sequence appears again, the ant backtracks along the sequence and the selection of the test tool in the last step of the sequence is marked as polluted, so that the optimal test tool chain of the remaining solution space is constructed and full coverage of the test paths is achieved.
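The allocation search of step 3.1 with the two improved pheromone updates, as an added example that is not the patent's own code. Assumptions: the Length and Mips values are constructed; total time is taken as the makespan (tools on one node run one after another), because the patent's formula image is not reproduced on this page; the transition rule with alpha and beta and the evaporation rate rho are standard ant colony elements the patent does not specify.

```python
import itertools
import random

# Constructed sample data: tool task lengths and node processing speeds.
LENGTH = [400.0, 300.0, 200.0, 200.0, 100.0]  # x = 5 test tools T_i
MIPS = [100.0, 50.0, 50.0]                    # y = 3 test nodes V_j


def exec_time(i, j):
    """e_ij = Length_i / Mips_j, execution time of tool T_i on node V_j."""
    return LENGTH[i] / MIPS[j]


def total_time(assign):
    """Makespan of an allocation, where assign[i] is the node index of tool i.
    Assumption: tools placed on the same node execute serially."""
    load = [0.0] * len(MIPS)
    for i, j in enumerate(assign):
        load[j] += exec_time(i, j)
    return max(load)


def brute_force_optimum():
    """Exhaustive reference value, feasible only for tiny instances."""
    nodes = range(len(MIPS))
    return min(total_time(a) for a in itertools.product(nodes, repeat=len(LENGTH)))


def aco_schedule(ants=10, iterations=40, D=10.0, rho=0.1,
                 alpha=1.0, beta=2.0, seed=7):
    rng = random.Random(seed)
    x, y = len(LENGTH), len(MIPS)
    tau = [[1.0] * y for _ in range(x)]                # pheromone per (tool, node)
    besttime = [[float("inf")] * y for _ in range(x)]  # shortest completion seen
    best_assign, best_total = None, float("inf")

    for _ in range(iterations):
        for _ant in range(ants):
            load = [0.0] * y
            assign = []
            for i in range(x):
                # Assumed transition rule: pheromone times the inverse of the
                # time at which tool i would finish on node j.
                weights = [tau[i][j] ** alpha
                           * (1.0 / (load[j] + exec_time(i, j))) ** beta
                           for j in range(y)]
                j = rng.choices(range(y), weights=weights)[0]
                load[j] += exec_time(i, j)
                time_ij = load[j]              # completion time of T_i on V_j
                besttime[i][j] = min(besttime[i][j], time_ij)
                tau[i][j] += D / time_ij       # local update: D / time_ij
                assign.append(j)
            total = max(load)
            if total < best_total:             # keep the best sequence so far
                best_assign, best_total = assign, total
        # Evaporation (assumed), then the global update on the best sequence.
        for i in range(x):
            for j in range(y):
                tau[i][j] *= (1.0 - rho)
        for i, j in enumerate(best_assign):
            tau[i][j] += D / besttime[i][j]    # global update: D / besttime_ij
    return best_assign, best_total


if __name__ == "__main__":
    allocation, makespan = aco_schedule()
    print("allocation:", allocation, "makespan:", makespan,
          "optimum:", brute_force_optimum())
```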
Step 3.2: each selection in the planned test tool execution sequence actually denotes a type of test tool. When a tool in the planned sequence is called, it may be in the fault state or the in-use (active) state defined in step 1 and cannot be called immediately. Factors such as the type, number and state of the test tools therefore need to be considered together.
This step performs load-balanced selection of test tools using a weighted round-robin method. The execution state of a test tool is treated as its performance, so selecting a test tool means selecting the best-performing tool from the set of candidate tools of the required type. Weights are assigned to each test tool, comprising two load-balancing weights, weight and effective_weight. weight is the initial weight of the test tool and is fixed once assigned; it is given by expert knowledge through a comprehensive evaluation of the test tool execution time $e_{ij}$ calculated in step 3.1, the test mode precondition (test tool execution precondition) Pre defined in step 2.1, and so on. effective_weight is the effective weight of the test tool, with initial value weight. When a test tool is selected and enters the in-use state, its effective weight is reduced; if the tool is in the fault state, its effective weight is also reduced; after the tool is released or the fault is cleared, the effective weight gradually increases until it is restored to weight. This lowers the weight of tools in unavailable states. Load-balanced selection picks, from the test tool set, the tool with the highest effective_weight value, which is the tool selection result for the current test node.
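The weight and effective_weight bookkeeping of step 3.2, as an added example that is not the patent's own code. Assumptions: the penalty sizes, the recovery step per tick and the instance names are constructed, and selection is restricted to idle instances, since the patent only says that effective_weight drops for in-use and faulty tools.

```python
from dataclasses import dataclass


@dataclass
class ToolInstance:
    name: str
    weight: int                # initial weight, fixed after assignment
    effective_weight: int = 0  # starts equal to weight (see __post_init__)
    state: str = "idle"        # idle | in_use | fault | reserved

    def __post_init__(self):
        self.effective_weight = self.weight


class ToolPool:
    """All instances of one tool type that can serve a given test node."""

    def __init__(self, tools, busy_penalty=3, fault_penalty=5, recover_step=1):
        self.tools = list(tools)
        self.busy_penalty = busy_penalty    # assumed reduction when called
        self.fault_penalty = fault_penalty  # assumed reduction on fault
        self.recover_step = recover_step    # assumed recovery per tick

    def select(self):
        """Pick the callable instance with the highest effective_weight."""
        idle = [t for t in self.tools if t.state == "idle"]
        if not idle:
            return None  # nothing callable right now; the caller must wait
        chosen = max(idle, key=lambda t: t.effective_weight)
        chosen.state = "in_use"
        chosen.effective_weight = max(0, chosen.effective_weight - self.busy_penalty)
        return chosen

    def release(self, tool):
        tool.state = "idle"   # weight is NOT restored at once, see tick()

    def mark_fault(self, tool):
        tool.state = "fault"
        tool.effective_weight = max(0, tool.effective_weight - self.fault_penalty)

    def clear_fault(self, tool):
        tool.state = "idle"

    def tick(self):
        """Gradual recovery: idle instances climb back toward weight."""
        for t in self.tools:
            if t.state == "idle":
                t.effective_weight = min(t.weight, t.effective_weight + self.recover_step)


def demo():
    """Constructed scenario: three instances of one tool type."""
    a, b, c = ToolInstance("A", 5), ToolInstance("B", 4), ToolInstance("C", 3)
    pool = ToolPool([a, b, c])
    order = []
    order.append(pool.select().name)   # A (5) wins, drops to 2
    order.append(pool.select().name)   # B (4) wins, drops to 1
    pool.release(a)                    # A is idle again but still at 2
    order.append(pool.select().name)   # C (3) beats recently used A (2)
    pool.mark_fault(b)                 # B fails while in use
    order.append(pool.select().name)   # only A is callable
    order.append(pool.select())        # None: nothing is idle
    pool.release(a)
    pool.release(c)
    pool.clear_fault(b)
    for _ in range(10):
        pool.tick()                    # weights recover, capped at weight
    return order, [t.effective_weight for t in pool.tools]


if __name__ == "__main__":
    print(demo())
```

The third selection shows the balancing effect: a just-released instance loses to a lower-weighted one until its effective_weight has recovered.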
Step 4: Correction: adjustments to the resource scheduling and path screening parameters are fed back in light of changes in the actual state during testing, and the test tool sequence is continuously optimized.
This step corresponds to the A (Action) phase of the PDCA cycle; its purpose is to dynamically correct and adjust the tool sequence planning and execution parameters according to the execution results, continuously optimize the test process, and ultimately improve the semi-automated capability of the test process.
Drawing on the empirical knowledge of testers, the feedback on test effects and test paths is dynamically optimized and adjusted according to the changes in test information during testing. The adjustment results are used to dynamically update parameters such as the matching correlation between test requirements, test behaviors and test tools in step 1, the (tool allocation) attack graph in step 2, the two ant colony algorithm pheromone concentrations in step 3 and the load-balancing weights in step 3, forming a feedback mechanism that improves the operations of steps 1 to 3 and optimizes the planning scheme for the next test tool.
The above is only a preferred embodiment of the present invention. It should be noted that those skilled in the art can make several modifications and variations without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as falling within the protection scope of the present invention.

Claims (10)

1. A semi-automatic safety testing method based on PDCA circulation is characterized by comprising the following steps:
step 1: planning: packaging and modeling the safety testing tool, and planning the matching correlation degree between the testing requirement, the testing behavior and the testing tool so as to construct a safety testing knowledge graph;
step 2: designing: on the basis of the result formed in the step 1, an attack graph dynamic generation method based on an attack mode is used for initially compiling and constructing a test path, and each test node on the test path is butted with a test tool;
step 3: checking: performing optimization processing on the test path set formed by planning in the step 2 by using an ant colony optimization algorithm, and screening out an optimal test tool sequence;
step 4: correction: feeding back adjustments to the resource scheduling and path screening parameters in light of changes in the actual state during testing, and continuously optimizing the test tool sequence.
2. The method of claim 1, wherein step 1 is specifically as follows:
step 1.1: modeling and packaging the test tool to form a test resource pool, and realizing the basis of unified resource configuration, driving and automatic execution;
firstly, carrying out multi-dimensional attribute analysis on a test tool, and carrying out attribute marking on the dimensions of a physical domain, a logic domain and a state domain to obtain a test tool attribute description model;
the physical domain comprises basic attributes, interface attributes, action conditions, action distances and parameter configuration attributes: the basic attributes describe the name, type, version model and form of the tool resource; the interface attribute comprises information of interface name, interface type, transmission data type and data format which can be provided by the tool resource; the action conditions comprise the operation system platform of the tool resource, the operation supporting software and the attribute information of the elements of relying on the weakness; the action distance comprises a deployment position and a communication mode when the tool acts on the target object; the parameter configuration attribute comprises information of parameter configuration and strategy configuration of the resource;
the logical domain contains the attributes of function, performance, action effect and action trace: the function attribute describes the attribute characteristics of the attack test behavior which can be implemented by the tool; the performance attributes describe the degree, efficiency, accuracy, etc. of the tool in performing a function; the action effect refers to the effect achieved by the tool acting on the target object; the action trace refers to the trace generated when the tool executes a function on the target object;
the state field comprises attributes of idle state, active state, fault state, reservation state and test time: the idle state describes that the tool is currently in an available state; the fault state describes that the current state of the tool is a fault and cannot be called; the in-use state indicates that the tool is currently being used; the reservation state describes that the tool is reserved for use at a future time; the test time describes the time required for the tool to perform the current task;
constructing and forming a { object, attribute, relation and state } quaternary description model on the basis of the test tool attribute description model, and shielding the difference of test resources;
further, in order to realize the unified management and control of the testing tool, the testing tool is subjected to an interfacing packaging design, a tool interaction interface, a management and control interface, an engine driving interface and a data acquisition interface are uniformly constrained, the modeling definition of driving, execution and interaction of testing resources is realized, and the tool interaction interface is used for realizing the input and output interaction function between the running of the testing tool; the management and control interface is used for realizing a management and control function between the test tool and the execution platform; the engine driving interface is used for realizing execution control of the test tool; the data acquisition interface is used for acquiring result data and tool execution state data in the test tool execution process;
step 1.2: extracting knowledge of a security test basic link, and establishing a security test knowledge map;
modeling the attribute of the safety testing tool based on the step 1.1, analyzing and summarizing the safety testing requirement, the operation behavior and the tool attribute, extracting the association rules between the testing requirement and the testing behavior and between the testing behavior and the testing tool, further constructing a multi-dimensional mapping matrix between the testing requirement and the testing behavior and between the testing behavior and the testing tool, and forming a safety testing knowledge graph through a heterogeneous protocol.
3. The method of claim 2, wherein in step 1, the security testing knowledge graph is established as follows: the construction process of the knowledge graph starts from original data of three dimensions of test requirements, test behaviors and test tools, elements of knowledge are extracted from the original data and stored in a data layer and a mode layer of a knowledge base, iteration construction is carried out on the basis, and the construction of the knowledge graph is completed in a circulating reciprocating mode through continuous iteration of three stages of information extraction, knowledge fusion and knowledge processing.
4. The method according to claim 3, wherein in step 1, the knowledge graph is further subjected to security test knowledge query based on a semantic search function of the knowledge graph, keywords of security test tools and test effects are analyzed and inferred, and then mapped onto one or a group of concepts in the knowledge graph, and then a knowledge network with a query entity as a center is returned according to a concept hierarchy in the knowledge graph to assist in completing test scheme design and task planning.
5. The method according to claim 2, wherein step 2 is specifically:
step 2.1, constructing a test mode model;
describing a test mode by using a quintuple <Name, VulnerabilitySet, Pre, Effect, QuantifiedSet>, wherein Name is the name of the test mode; VulnerabilitySet is the set of vulnerabilities the test mode exploits; Pre is a precondition of the test mode; Effect is the attack effect of the test mode; QuantifiedSet is the set of extended quantitative attributes of the test mode, and, according to the nature of testing, only the AND relation and not the OR relation is contained between the exploitation preconditions and the exploitation consequences of a test mode;
step 2.2: attack graph construction based on step 2.1
The process of constructing the attack graph is to match the tool according to the target network attack surface and the weakness and the test mode, so that the test mode can be instantiated into an atom test action, and the test path is extended forwards by using the connection of the precondition and the effect between two adjacent test atoms on the test path, thereby completing the construction of the test path sequence and the attack graph;
step 2.3: test path planning based on the attack graph
Based on the attack graph constructed in the step 2.2, a path corresponding to the attack graph is calculated and formed by using a path traversal algorithm of the directed graph, namely, the path is a set of test paths, the exposed surface and weak point analysis, the test resource matching, the test precondition and the effect linkage of the test object are formed by using the construction of the attack graph to form a test path plan, all the test paths are fully traversed under the guidance of the knowledge graph constructed in the step 1, the comprehensive combing of the test tool sequences is ensured, and the success probability is calculated for each tool sequence according to the guidance of the knowledge graph in the step 1 and is used as the input of the optimization adjustment in the step 3.
6. The method of claim 5, characterized in that in step 2.2, the meaning of the vertices of the attack graph is expanded to increase the contents of the test tools and the test effects, and the meaning of the edges of the attack graph increases the contents of the probability of successful test execution, the test execution time or the test efficiency.
7. The method according to claim 5, wherein step 3 is specifically:
step 3.1: assuming that there are y test nodes on the test tool sequence and x optional test tools for allocation, the problem of finding the optimal allocation is abstracted, by reference to the ant colony algorithm, as the problem of placing x ants on y vertices for optimal path selection, and the test tool sequence is expressed as $T = \{T_1, T_2, T_3, \ldots, T_x\}$, $T_i$ representing the i-th test tool, and the test node set as $V = \{V_1, V_2, V_3, \ldots, V_y\}$, $V_j$ representing the j-th test node;
executing each test tool on one test node, and representing the mapping relation between the test tools and the test node resources by the following matrix:
Figure FDA0003695160660000051
in the matrix, $r_{ij}$ indicates that test tool $T_i$ is assigned to test node $V_j$ for execution;
the selection of the test tool firstly needs to determine a reasonable distribution relation between the test tool and the test node, the time for selecting the test tool to finish and the load balance degree of the test node are indexes for judging whether the test tool is reasonable and whether a tool chain is effective, and the total execution time of a test tool sequence is as follows:
Figure FDA0003695160660000052
wherein $e_{ij} = Length_i / Mips_j$ represents the execution time of test tool $T_i$ on test node resource $V_j$;
the ant colony algorithm pheromone concentration update formulas are improved as follows: the local pheromone update formula is improved to $\Delta\tau_{ij}(t) = D / time_{ij}$ and the global pheromone update formula to $\Delta\tau'_{ij}(t) = D / besttime_{ij}$, where D is a constant, $time_{ij}$ represents the completion time of test node $V_j$ executing test tool $T_i$, and $besttime_{ij}$ represents the shortest completion time of test node $V_j$ executing test tool $T_i$;
based on the improved ant colony algorithm, dynamically adjusting according to the situation at each test tool selection stage, selecting a better tool and recording the result; recording a test tool sequence if it can complete the test work, and, if it is unsuccessful, not recording it, returning along the original path to the source point, destroying the path, updating the pheromone based on the improved $\Delta\tau_{ij}(t)$, and having the ant set out from the source point again to continue searching for and constructing a test tool sequence; recording the optimal test tool sequence after it has been constructed, and continuing to call the improved ant colony algorithm to construct test tool sequences; when the same test tool sequence appears, backtracking along the sequence and marking the selection of the test tool in the last step of the sequence as polluted, so as to construct the optimal test tool chain of the remaining solution space and achieve full coverage of the test paths;
step 3.2: performing load balancing selection on the test tool by a weighted polling method;
the execution state of the test tool is treated as performance, and the selection of the test tool is treated as selecting the test tool with the best performance from the set of test tools of the type to be selected; weights are assigned to the test tool, comprising two load balancing weights, weight and effective_weight, wherein weight is the initial weight of the test tool and is fixed after assignment, and the initial weight is assigned by comprehensive evaluation of the test tool execution time $e_{ij}$ calculated in the step 3.1 and the test mode precondition Pre defined in the step 2.1; effective_weight is the effective weight of the test tool, with initial value weight; the effective weight of the test tool is reduced after the test tool is selected and is in the calling state, and is also reduced if the test tool is in the fault state; after the test tool is released or the fault is cleared, the effective weight gradually increases until it is restored to weight; the tool load balancing selection method is to select, according to the effective_weight value, the test tool with the highest value from the test tool set, which is the test tool selection result for the current test node.
8. The method according to claim 7, wherein step 4 is to perform dynamic optimization and adjustment on the test effect and the feedback of the test path according to the dynamic change of the test information in the test process, and dynamically update parameters of the test requirement in step 1, the matching correlation between the test behavior and the test tool, the attack graph in step 2, the pheromone concentrations of the two ant colony algorithms in step 3, and the load balancing weight in step 3 by using the adjustment result, so as to form a feedback mechanism to improve the operation method in steps 1 to 3, and perform optimization and adjustment and improvement on the planning scheme of the next test tool.
9. A system for implementing the method of any one of claims 1 to 8.
10. Use of the method according to any one of claims 1 to 8 in the field of network security technology.
CN202210677006.7A 2022-06-15 2022-06-15 Semi-automatic safety testing method based on PDCA (packet data packet access) cycle Pending CN115061910A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210677006.7A CN115061910A (en) 2022-06-15 2022-06-15 Semi-automatic safety testing method based on PDCA (packet data packet access) cycle

Publications (1)

Publication Number Publication Date
CN115061910A true CN115061910A (en) 2022-09-16

Family

ID=83200899

Country Status (1)

Country Link
CN (1) CN115061910A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116627973A (en) * 2023-05-25 2023-08-22 成都融见软件科技有限公司 Data positioning system
CN116627973B (en) * 2023-05-25 2024-02-09 成都融见软件科技有限公司 Data positioning system
CN117376228A (en) * 2023-11-27 2024-01-09 中国电子科技集团公司第十五研究所 Network security testing tool determining method and device
CN117376228B (en) * 2023-11-27 2024-05-28 中国电子科技集团公司第十五研究所 Network security testing tool determining method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination