


active security analysis, corporate network, target system, vulnerability validation, exploit


The article proposes an improved method for automatic active analysis of corporate network security. The method is based on the synthesis of three components: a mathematical model for analyzing the quantitative characteristics of the vulnerability validation process, a methodology for analyzing the quality of the validation mechanism for vulnerabilities identified in a corporate network, and a method for constructing a fuzzy knowledge base for decision-making when validating vulnerabilities of software and hardware platforms. The mathematical analysis model, which is based on Bernstein polynomials, describes the dynamics of the vulnerability validation process. The methodology for analyzing the quality of work is based on integral equations that take into account the quantitative characteristics of the investigated vulnerability validation mechanism at a certain point in time. This makes it possible to build distribution laws for the quality indicators of the vulnerability validation process and to quantitatively assess the quality of the validation mechanism for the identified vulnerabilities. The method of building a fuzzy knowledge base is based on fuzzy logic, which makes it possible to obtain reliable information about the quality of the vulnerability validation mechanism indirectly and to form the final decision-making rules for carrying out a particular attacking action during the active security analysis of a corporate network. Unlike existing approaches to automating active security analysis, this makes it possible to abstract from the conditions of dynamic change in the environment, that is, the constant development of information technologies, which leads to an increase in the number of vulnerabilities and corresponding attack vectors as well as in the number and availability of ready-to-use vulnerability exploits, and to take into account only the quality parameters of the vulnerability validation process itself.






