학술논문
Automated Penetration Testing, A Systematic Review
Document Type
Conference
Source
2023 International Mobile, Intelligent, and Ubiquitous Computing Conference (MIUCC) Mobile, Intelligent, and Ubiquitous Computing Conference (MIUCC), 2023 International. :373-380 Sep, 2023
Subject
Language
Abstract
Penetration testing (Pen-Testing) detects potential vulnerabilities and exploits by imitating black hat hackers to stop cyber crimes. Despite recent attempts to automate Pen-Testing, the issue of automation is still unresolved. Additionally, the attempts are highly case-specific and ignore the unique characteristics of pen-testing. Moreover, the achieved accuracy is limited, and very sensitive to variations. Also, there are redundancies found in detecting the exploits using non-automated algorithms. This paper concludes the recent study in the Penetration testing field and illustrates the importance of a comprehensive hybrid AI automation framework for pen-testing.