Planning the Attack! Or How to use AI in Security Testing?

Testing is one effective method for quality assurance. Generating and executing tests is a labor consuming task and there has been a lot of effort spent in test automation where the focus has been mainly on functional or penetration testing but not specifically on security testing. In this paper, we discuss two already introduced approaches for automated security testing that are based on AI planning. The approaches map attack models and security protocol definitions to AI planning problems in order to generate test cases. Furthermore, utilizing plan execution together with generated plans allows also for automating the test execution. The objective of the paper is to further stimulate research in this field. Thus we not only discuss the foundations behind and their applications, but also outline challenges and further research directions.

[1]  Kenneth G. Paterson,et al.  Lucky Thirteen: Breaking the TLS and DTLS Record Protocols , 2013, 2013 IEEE Symposium on Security and Privacy.

[2]  Franz Wotawa,et al.  Security Testing Based on Attack Patterns , 2014, 2014 IEEE Seventh International Conference on Software Testing, Verification and Validation Workshops.

[3]  Frederik Vercauteren,et al.  A cross-protocol attack on the TLS protocol , 2012, CCS.

[4]  Alfredo Pironti,et al.  FLEXTLS: A Tool for Testing TLS Implementations , 2015, WOOT.

[5]  Nils J. Nilsson,et al.  Teleo-Reactive Programs for Agent Control , 1993, J. Artif. Intell. Res..

[6]  Bernhard Nebel,et al.  Extending Planning Graphs to an ADL Subset , 1997, ECP.

[7]  Franz Wotawa,et al.  PURITY: A Planning-based secURITY Testing Tool , 2015, 2015 IEEE International Conference on Software Quality, Reliability and Security - Companion.

[8]  Mary Lou Soffa,et al.  Plan Generation for GUI Testing , 2000, AIPS.

[9]  Alfredo Pironti,et al.  A Messy State of the Union: Taming the Composite State Machines of TLS , 2015, IEEE Symposium on Security and Privacy.

[10]  Alfredo Pironti,et al.  A Messy State of the Union: Taming the Composite State Machines of TLS , 2015, 2015 IEEE Symposium on Security and Privacy.

[11]  Craig A. Knoblock,et al.  PDDL-the planning domain definition language , 1998 .

[12]  R. Bloem,et al.  Automatic Testing through Planning , 2006 .

[13]  Franz Wotawa,et al.  Planning-Based Security Testing of the SSL/TLS Protocol , 2017, 2017 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW).

[14]  Gary McGraw,et al.  Exploiting Software: How to Break Code , 2004 .

[15]  Christof Paar,et al.  DROWN: Breaking TLS Using SSLv2 , 2016, USENIX Security Symposium.

[16]  Franz Wotawa,et al.  AIana: an AI planning system for test data generation , 2010 .

[17]  Keqin Li,et al.  Model-Checking Driven Security Testing of Web-Based Applications , 2010, 2010 Third International Conference on Software Testing, Verification, and Validation Workshops.

[18]  Avrim Blum,et al.  Fast Planning Through Planning Graph Analysis , 1995, IJCAI.

[19]  Franz Wotawa,et al.  Plan It! Automated Security Testing Based on Planning , 2014, ICTSS.

[20]  Adele E. Howe,et al.  Test Case Generation as an AI Planning Problem , 2004, Automated Software Engineering.

[21]  Richard Fikes,et al.  STRIPS: A New Approach to the Application of Theorem Proving to Problem Solving , 1971, IJCAI.

[22]  Mary Lou Soffa,et al.  A Planning-based Approach to GUI Testing∗ , 2000 .

[23]  Matthias Schnelte,et al.  Test Case Generation for Visual Contracts Using AI Planning , 2010, GI Jahrestagung.

[24]  Ana R. Cavalli,et al.  Security Protocol Testing Using Attack Trees , 2009, 2009 International Conference on Computational Science and Engineering.

[25]  Joeri de Ruiter,et al.  Protocol State Fuzzing of TLS Implementations , 2015, USENIX Security Symposium.