METHOD AND SYSTEM SIMULATING A HACKING ATTACK ON A NETWORK
Abstract
The present invention describes a method for simulating a hacking attack on a Network, wherein the Network comprises at least one of a plurality of data processing units (DPUs), a plurality of users and a plurality of communication links, to assess vulnerabilities of the Network. The method includes receiving one or more scan parameters for the Network. Further, the method includes creating at least one master agent by a system to gather information about the Network, wherein the information pertains to critical and non-critical information about the Network. The method includes creating an Information Model and then incrementally updating the Information Model during the hacking attack. The Information Model is the abstract representation of information collected by the system. Furthermore, the method includes generating a Multiple Attack Vector (MAV) graph based on one or more scan parameters and the Information Model. MAV has the ability to combine a plurality of low and medium severity vulnerabilities associated with the data processing units (DPUs), users and communication links, correlate vulnerabilities in combination with the Information Model and generate high severity attack paths that can lead to compromise of the Network. Moreover, the method includes launching one or more attacks based on the MAV graph to compromise the Network. The method further includes installing at least one slave agent on the compromised Network to perform the one or more attacks in a distributed manner. Moreover, the method includes performing a multi stage attack by using the at least one slave agent and the at least one master agent by repeating the above steps. Finally, the method includes generating a report by the scan controller, wherein the report contains details about the compromised Network and the vulnerabilities of the Network.
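An added example, not taken from the patent: a minimal defender-side sketch of the correlation the abstract describes, in which low and medium severity findings held in an Information Model are chained into paths to a critical asset and then ranked for remediation. The entity names, the finding records and the rule that any complete path to the critical asset rates as high are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed Information Model: (source, target, kind, severity, finding).
# Entities cover users, DPUs and communication links; all names are hypothetical.
FINDINGS = [
    ("internet", "user:alice", "user", "low", "staff e-mail format is publicly listed"),
    ("user:alice", "dpu:workstation-7", "user", "medium", "no awareness training on record"),
    ("dpu:workstation-7", "dpu:fileserver", "link", "medium", "cleartext protocol between hosts"),
    ("internet", "dpu:webserver", "dpu", "low", "verbose server banner"),
    ("dpu:webserver", "dpu:fileserver", "dpu", "medium", "shared local admin account"),
    ("dpu:fileserver", "dpu:database", "link", "low", "flat segment, no filtering"),
]
RANK = {"low": 1, "medium": 2, "high": 3}

def attack_paths(findings, entry, target):
    """Return every loop-free path entry -> target as a list of finding indexes."""
    graph = defaultdict(list)
    for idx, (src, dst, *_rest) in enumerate(findings):
        graph[src].append((dst, idx))
    paths = []

    def walk(node, seen, used):
        if node == target:
            paths.append(used)
            return
        for nxt, idx in graph[node]:
            if nxt not in seen:  # never revisit a node, so cycles terminate
                walk(nxt, seen | {nxt}, used + [idx])

    walk(entry, {entry}, [])
    return paths

def summarize(findings, path):
    """Show that a path can rate high although no single finding on it does."""
    worst = max((findings[i][3] for i in path), key=RANK.get)
    # Assumption: any complete path to the critical asset is rated high.
    return {"steps": [findings[i][4] for i in path],
            "worst_single": worst, "path_severity": "high"}

def remediation_ranking(findings, entry, target):
    """Rank findings by the number of paths that disappear once each is fixed."""
    counts = defaultdict(int)
    for path in attack_paths(findings, entry, target):
        for idx in path:
            counts[idx] += 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))

if __name__ == "__main__":
    for p in attack_paths(FINDINGS, "internet", "dpu:database"):
        print(summarize(FINDINGS, p))
    print(remediation_ranking(FINDINGS, "internet", "dpu:database"))
```

In this constructed model the top-ranked fix is a low severity finding, because it sits on every path to the database.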
20 Claims
1. A method for simulating a hacking attack on a Network, wherein the Network comprises at least one of a plurality of data processing units (DPUs), a plurality of users and a plurality of communication links, to assess vulnerabilities of the Network, the method comprising:
(a) receiving one or more scan parameters from a system;
(b) creating at least one master agent by the system to gather information about the Network, wherein the information pertains to critical and non-critical information about the Network;
(c) performing Social Engineering analysis on the Network to find out vulnerabilities associated with the plurality of users;
(d) performing Link Analysis on the communication taking place among two or more users or the plurality of DPUs to find out critical information flowing as a result of communication;
(e) creating or updating an Information Model, wherein the Information Model comprises the information gathered by the at least one master agent about the plurality of DPUs, the plurality of users, the plurality of communication links and their relationships;
(f) generating a Multiple Attack Vectors (MAV) graph based on the information collected in the Information Model and the one or more scan parameters;
(g) launching one or more attacks based on the MAV graph to compromise the Network, wherein the one or more attacks can be one or more from a group comprising an automated social engineering attack, a communication link attack and a DPU exploit attack;
(h) installing at least one slave agent on the compromised Network to perform the one or more attacks in a distributed manner;
(i) performing a multi stage attack by using the at least one slave agent and the at least one master agent by repeating (b) (c) (d) (e) (f) (g) and (h); and
(j) generating a report by the system, wherein the report contains details about the compromised Network and the vulnerabilities of the Network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system for simulating a hacking attack on a Network wherein the Network comprises at least one of a plurality of data processing units (DPUs), a plurality of users and a plurality of communication links to assess vulnerabilities of the Network, the system comprising:
(a) an automated Social Engineering (SE) architecture for collecting sensitive information that pertains to the plurality of users;
(b) a communication link framework for identifying vulnerabilities associated with the Network and communication protocols; and
(c) a Multiple Attack Vector engine (MAV) for storing an MAV graph that shows all possible paths by which the Network can be compromised
Dependent claims: 13, 14, 15
16. A computer program product for use with a computer, the computer program product comprising a computer usable medium having a computer readable program code embodied therein for simulating a hacking attack on a Network, wherein the Network comprises at least one of a plurality of data processing units (DPUs), a plurality of users and a plurality of communication links to assess vulnerabilities of the Network, the computer program code comprising:
(a) program instruction means for receiving one or more scan parameters;
(b) program instruction means for creating at least one master agent;
(c) program instruction means for Social Engineering analysis on the Network;
(d) program instruction means for Link Analysis on the communication among two or more users or the plurality of DPUs;
(e) program instruction means for creating or updating an Information Model;
(f) program instruction means for generating a multiple attack vectors graph based on the information collected in the Information Model and the one or more scan parameters;
(g) program instruction means for executing one or more attacks on the Network to compromise the Network;
(h) program instruction means for installing at least one agent in the compromised Network;
(i) program instruction means for performing a multi stage attack by using the at least one slave agent and the at least one master agent by repeating (b) (c), (d), (e), (f), (g) and (h); and
(j) program instruction means for generating a report that contains details about the compromised Network and the vulnerabilities of the compromised Network.
17. A method for assessing vulnerabilities for a network of a plurality of users, the plurality of users interacting with each other in the Network, the method comprising:
(a) receiving one or more scan parameters of the Network;
(b) creating at least one agent to gather information about the plurality of users, wherein the information pertains to critical and non-critical information about the plurality of users and their hierarchical and personal relationships; and
(c) performing automated Social Engineering analysis on the plurality of users to find vulnerabilities associated with the Network;
18. A method for simulating a hacking attack on a Network, wherein the Network comprises at least one of a plurality of data processing units (DPUs), a plurality of users and a plurality of communication links, to assess vulnerabilities of the Network, the method comprising:
(a) creating or updating an Information Model, wherein the Information Model comprises the information gathered about the Network;
(b) generating a Multiple Attack Vectors (MAV) graph based on the information collected in the Information Model and the one or more scan parameters;
(c) launching one or more attacks based on the MAV graph to compromise the Network, wherein the one or more attacks can be one or more from a group comprising an automated social engineering attack, a communication link attack and a DPU exploit attack;
(d) generating a report by the system, wherein the report contains details about the compromised Network and the vulnerabilities of the Network.
Dependent claims: 19
20. A method for simulating a hacking attack on a Network, wherein the Network comprises at least one of a plurality of data processing units (DPUs), a plurality of users and a plurality of communication links, to assess vulnerabilities of the Network, the method comprising:
(a) gathering information about the Network from a plurality of agents, wherein the information relates to the at least one of the plurality of DPUs, a plurality of users, and a plurality of communication links;
(b) creating or updating an Information Model, wherein the Information Model comprises the information gathered by the plurality of agents;
(c) launching one or more attacks based on the Information Model to compromise the Network, wherein the one or more attacks can be one or more from a group comprising an automated social engineering attack, a communication link attack and a DPU exploit attack;
(d) generating a report by the system, wherein the report contains details about the compromised Network and the vulnerabilities of the Network.
Specification