MEGA-PT: A Meta-Game Framework for Agile Penetration Testing
This addresses the problem of time-consuming and error-prone penetration testing for cybersecurity professionals, though it appears incremental as it builds on existing automated testing concepts.
The paper tackles the inefficiencies and limitations of traditional and automated penetration testing by proposing MEGA-PT, a meta-game framework that uses micro and macro modeling for agile testing, resulting in improved defense strategies and adaptability to network changes.
Penetration testing is an essential means of proactive defense in the face of escalating cybersecurity incidents. Traditional manual penetration testing methods are time-consuming, resource-intensive, and prone to human errors. Current trends in automated penetration testing are also impractical, facing significant challenges such as the curse of dimensionality, scalability issues, and lack of adaptability to network changes. To address these issues, we propose MEGA-PT, a meta-game penetration testing framework, featuring micro tactic games for node-level local interactions and a macro strategy process for network-wide attack chains. The micro- and macro-level modeling enables distributed, adaptive, collaborative, and fast penetration testing. MEGA-PT offers agile solutions for various security schemes, including optimal local penetration plans, purple teaming solutions, and risk assessment, providing fundamental principles to guide future automated penetration testing. Our experiments demonstrate the effectiveness and agility of our model by providing improved defense strategies and adaptability to changes at both local and network levels.