渗透测试是发现重要网络信息系统弱点并进而保护网络安全的重要手段. 传统的渗透测试深度依赖人工, 并且对测试人员的技术要求很高, 从而限制了普及的深度和广度. 自动化渗透测试通过将人工智能技术引入渗透测试全过程, 在极大地解决对人工的重度依赖基础上降低了渗透测试技术门槛. 自动化渗透测试主要可分为基于模型和基于规则的自动渗透测试. 二者的研究各有侧重, 前者是指利用模型算法模拟黑客攻击, 研究重点是攻击场景感知和攻击决策模型; 后者则聚焦于攻击规则和攻击场景如何高效适配等方面. 主要从攻击场景建模、渗透测试建模和决策推理模型等3个环节深入分析相关自动化渗透测试实现原理, 最后从攻防对抗、漏洞组合利用等维度探讨自动化渗透的未来发展方向.

Penetration testing is an important means to discover the weaknesses of significant network information systems and protect network security. Traditional penetration testing relies heavily on manual labor and has high technical requirements for testers, limiting the popularization depth and breadth. By introducing artificial intelligence technology into the whole penetration testing process, automated penetration testing lowers the technical threshold of penetration testing based on greatly solving the problem of heavy dependence on manual labor. Automated penetration testing can be mainly divided into model-based and rule-based automated penetration testing, and the research of the two has their respective focuses. The former utilizes model algorithms to simulate hacker attacks with attention paid to attack scene perception and attack decision-making models. The latter concentrates on how to efficiently adapt attack rules and attack scenarios. This study mainly analyzes the implementation principles of automated penetration testing from three aspects of attack scenario modeling, penetration testing modeling, and decision-making reasoning model. Finally, the future development direction of automated penetration is explored from the dimensions of attack-defense confrontation and vulnerability combination utilization.

国家自然科学基金(U20B2046);广东省高校创新团队项目(2020KCXTD007);广州市高校创新团队项目(202032854)