PENETRATION TEST ATTACK TREE GENERATOR

US 20170019421A1
Filed: 07/14/2015
Published: 01/19/2017
Est. Priority Date: 07/14/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method executed by one or more processors, the method comprising:

receiving, by the one or more processors, goal data and start-up information, the goal data indicating a goal to be achieved during a penetration test, the start-up information indicating initial data for beginning the penetration test;

receiving, by the one or more processors, tool data from a register of tools, the tool data comprising one or more tools that can be used during the penetration test, and, for each tool, input data required to execute the tool and output data provided by the tool;

processing, by the one or more processors, the goal data, the start-up information and the tool data to automatically generate attack tree data, the attack tree data comprising a plurality of data sets and links between data sets; and

providing, by the one or more processors, the attack tree data to display a graphical representation of an attack tree on a display.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving goal data and start-up information, the goal data indicating a goal to be achieved during a penetration test, the start-up information indicating initial data for beginning the penetration test, receiving tool data from a register of tools, the tool data including one or more tools that can be used during the penetration test, and, for each tool, input data required to execute the tool and output data provided by the tool, processing the goal data, the start-up information and the tool data to automatically generate attack tree data, the attack tree data including a plurality of data sets and links between data sets, and providing the attack tree data to display a graphical representation of an attack tree on a display.

40 Citations

View as Search Results

20 Claims

1. A computer-implemented method executed by one or more processors, the method comprising:
- receiving, by the one or more processors, goal data and start-up information, the goal data indicating a goal to be achieved during a penetration test, the start-up information indicating initial data for beginning the penetration test;
  
  receiving, by the one or more processors, tool data from a register of tools, the tool data comprising one or more tools that can be used during the penetration test, and, for each tool, input data required to execute the tool and output data provided by the tool;
  
  processing, by the one or more processors, the goal data, the start-up information and the tool data to automatically generate attack tree data, the attack tree data comprising a plurality of data sets and links between data sets; and
  
  providing, by the one or more processors, the attack tree data to display a graphical representation of an attack tree on a display.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein processing the goal data, the start-up information and the tool data to automatically generate attack tree data comprises:
    - reading a data element from a pool of data elements;
      
      comparing the data element to one or more output data of at least one tool in the register of tools; and
      
      selectively instantiating data based on the comparing.
  - 3. The method of claim 2, wherein comparing the data element to one or more output data of at least one tool in the register of tools is executed in response to determining that the data element is not included in the start-up information.
  - 4. The method of claim 2, wherein selectively instantiating data based on the comparing comprises determining that the data element matches an output data of a tool, and in response, populating one or more parameters of the tool with respective template elements to provide an executable command, the respective template elements being subsequently instantiated.
  - 5. The method of claim 4, wherein selectively instantiating data based on the comparing further comprises adding one or more input data of the tool to the pool of data elements.
  - 6. The method of claim 1, wherein the attack tree comprises a combination of two or more attack vectors for attacking the target system.
  - 7. The method of claim 1, further comprising determining that a data set of the attack tree data cannot be bound to the start-up data, and in response, deleting the data set from the attack tree data.

8. A non-transitory computer-readable storage medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations comprising:
- receiving goal data and start-up information, the goal data indicating a goal to be achieved during a penetration test, the start-up information indicating initial data for beginning the penetration test;
  
  receiving tool data from a register of tools, the tool data comprising one or more tools that can be used during the penetration test, and, for each tool, input data required to execute the tool and output data provided by the tool;
  
  processing the goal data, the start-up information and the tool data to automatically generate attack tree data, the attack tree data comprising a plurality of data sets and links between data sets; and
  
  providing the attack tree data to display a graphical representation of an attack tree on a display.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-readable storage medium of claim 8, wherein processing the goal data, the start-up information and the tool data to automatically generate attack tree data comprises:
    - reading a data element from a pool of data elements;
      
      comparing the data element to one or more output data of at least one tool in the register of tools; and
      
      selectively instantiating data based on the comparing.
  - 10. The computer-readable storage medium of claim 9, wherein comparing the data element to one or more output data of at least one tool in the register of tools is executed in response to determining that the data element is not included in the start-up information.
  - 11. The computer-readable storage medium of claim 9, wherein selectively instantiating data based on the comparing comprises determining that the data element matches an output data of a tool, and in response, populating one or more parameters of the tool with respective template elements to provide an executable command, the respective template elements being subsequently instantiated.
  - 12. The computer-readable storage medium of claim 11, wherein selectively instantiating data based on the comparing further comprises adding one or more input data of the tool to the pool of data elements.
  - 13. The computer-readable storage medium of claim 8, wherein the attack tree comprises a combination of two or more attack vectors for attacking the target system.
  - 14. The computer-readable storage medium of claim 8, wherein operations further include determining that a data set of the attack tree data cannot be bound to the start-up data, and in response, deleting the data set from the attack tree data.

15. A system, comprising:
- a computing device; and
  
  a computer-readable storage device coupled to the computing device and having instructions stored thereon which, when executed by the computing device, cause the computing device to perform operations comprising;
  
  receiving goal data and start-up information, the goal data indicating a goal to be achieved during a penetration test, the start-up information indicating initial data for beginning the penetration test;
  
  receiving tool data from a register of tools, the tool data comprising one or more tools that can be used during the penetration test, and, for each tool, input data required to execute the tool and output data provided by the tool;
  
  processing the goal data, the start-up information and the tool data to automatically generate attack tree data, the attack tree data comprising a plurality of data sets and links between data sets; and
  
  providing the attack tree data to display a graphical representation of an attack tree on a display.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein processing the goal data, the start-up information and the tool data to automatically generate attack tree data comprises:
    - reading a data element from a pool of data elements;
      
      comparing the data element to one or more output data of at least one tool in the register of tools; and
      
      selectively instantiating data based on the comparing.
  - 17. The system of claim 16, wherein comparing the data element to one or more output data of at least one tool in the register of tools is executed in response to determining that the data element is not included in the start-up information.
  - 18. The system of claim 16, wherein selectively instantiating data based on the comparing comprises determining that the data element matches an output data of a tool, and in response, populating one or more parameters of the tool with respective template elements to provide an executable command, the respective template elements being subsequently instantiated.
  - 19. The system of claim 18, wherein selectively instantiating data based on the comparing further comprises adding one or more input data of the tool to the pool of data elements.
  - 20. The system of claim 15, wherein the attack tree comprises a combination of two or more attack vectors for attacking the target system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP SE
Inventors
Hebert, Cedric, Gomez, Laurent

Granted Patent

US 9,894,090 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/2246   Trees, e.g. B+trees

G06F 16/2379   Updates performed during on...

G06F 21/552   involving long-term monitor...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

PENETRATION TEST ATTACK TREE GENERATOR

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PENETRATION TEST ATTACK TREE GENERATOR

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links