Abstract
Penetration testing is a testing method that actively discovers information system vulnerabilities and can provide suggestions for improving an information system's cybersecurity capability. The paper first introduces and analyzes research results on penetration testing processes and, noting that current penetration testing processes mainly focus on finding system vulnerabilities, proposes using penetration testing to assess the performance of an information system's security protection system. The paper then introduces the concepts of the cyber kill chain and the cyber anti-kill chain and, applying the concept of "attack and defense at the same time", designs a penetration testing process based on the cyber kill chain. This process correlates the performance of the security protection system with penetration testing and provides support for assessing that performance. Finally, the proposed process is verified through a case, and the results show that it is feasible and effective.
Authors
高新雨
张冰
郑超
陈亚莎
GAO Xin-yu; ZHANG Bing; ZHENG Chao; CHEN Ya-sha (Institute of Systems Engineering, Academy of Military Sciences, Beijing 100089, China; China Academy of Electronics and Information Technology, Beijing 100041, China)
Source
Journal of China Academy of Electronics and Information Technology (《中国电子科学研究院学报》)
Peking University Core Journal
2023, Issue 6, pp. 539-544 (6 pages)
Keywords
information system
penetration testing process
cyber kill chain
cyber anti-kill chain