Auto Red Team: A Network Attack Automation Framework based on Decision Tree
Lu, Song (2008) Auto Red Team: A Network Attack Automation Framework based on Decision Tree. Masters thesis, Iowa State University.
In this thesis we discuss our research on incorporating Machine Learning into network attack automation. The key idea is to audit the traffic between the attacker and the target machine, apply Decision Tree Learning methods to the audit data to generate a set of rules, and create a smart attacker that is guided by those rules and is capable of launching an attack sequence according to the response from the target machine. By conducting experiments on the Linux platform, we constructed a framework named Auto Red Team (ART) that audits traffic, composes training data, and generates a smart attacker by feeding the training data into a Decision Learning Tree model. Experiments show that ART can realize effective and accurate attack automation. Besides basic data analysis of the experiment data, we also apply a statistical method, Principal Component Analysis, to the experiment data to verify the generated rules. Although Principal Component Analysis cannot completely explain the rules generated by the Decision Tree module, some convincing explanations of the relationship between those rules and certain Principal Components were given.