Document Type

Conference Proceeding

Publication Date



Penetration Testing (pentesting) is the process of using tactics and techniques to penetrate computer systems and networks to expose any issues in their cybersecurity \cite{rsa}. It is currently a manual process requiring significant experience and time that are in limited supply. One way to supplement the shortage is through automation. This paper presents the Automated Network Discovery and Exploitation System (ANDES) which demonstrates that it is feasible to automate the pentesting process. The uniqueness of ANDES is the use of Bayesian decision networks to represent the pentesting domain and subject matter expert knowledge. ANDES conducts multiple execution cycles, which build upon previous action results. This process simulates the iterative thinking process of human attackers. Cycles begin by modeling the current belief state using Bayesian decision networks. ANDES uses these networks to select and execute an expected best action. Observed results are used to update the systems current belief state before the next cycle begins. ANDES was tested in a live-execution event, taking place within a virtual network environment designed to mimic a small business’s internal network. ANDES successfully performed a series of information gathering and remote exploit actions, across multiple network hosts, to gain access to the objective target.


©2022 The Authors

This article is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. Please fully attribute the citation below, including DOI in any re-use.



Source Publication

Proceedings of FLAIRS-35