Abstract

Penetration testing also referred to as ethical hacking is an essential tactic for assessing and bolstering the security of digital infrastructures, including servers, networks, firewalls, clients, and online apps. This paper suggests a paradigm for ML-Based Web Penetration Testing that is intended to proactively identify and address security flaws across a variety of platforms, such as web systems, cloud, and mobile devices. This testing, which is carried out with complete authority and in compliance with legal and ethical requirements, guarantees the preservation of organizational assets while advancing cybersecurity best practices. Experimental results showed that the suggested model worked well on five distinct web platforms. With false positives decreased to 7% and an average detection time of 22 minutes, the machine learning-based system achieved an average detection rate of 92%. Additionally, the model demonstrated its versatility and thoroughness by achieving 88% coverage across platforms. The accuracy, speed, and scope of these results are superior to those of conventional penetration testing techniques. It is strongly advised to regularly apply such intelligent penetration testing, ideally done on a monthly or quarterly basis, to maintain a robust and secure digital environment because IT infrastructures are dynamic.

Keywords

  • adaptive tokenomics
  • algorithmic stablecoins
  • stochastic control
  • deep reinforcement learning
  • Proximal Policy Optimization
  • cadCAD simulations
  • on-chain execution of smart contracts

References

  1. Wu, Benlong, et al. "AutoPT: How Far Are We from the End2End Automated Web Penetration Testing?" arXiv preprint arXiv:2411.01236 (2024).
  2. Deng, Gelei, et al. "PentestGPT: An LLM-empowered Automatic Penetration Testing Tool." arXiv preprint arXiv:2308.06782 (2023).
  3. Ventura, Rui, Daniel Jose Franco, and Omar KhasroAkram. "A Novel VAPT Algorithm: Enhancing Web Application Security Through OWASP Top 10 Optimization." arXiv preprint arXiv:2311.10450 (2023).
  4. Antonelli, Diego, et al. "Leveraging AI to Optimize Website Structure Discovery During Penetration Testing." arXiv preprint arXiv:2101.07223 (2021).
  5. Sulisnawati, Nani, and SubektiningsihSubektiningsih. "Implementation of Open Web Application Security Project for Penetration Testing on Educational Institution Websites." JurnalIlmiah Teknik ElektroKomputer dan Informatika, vol. 9, no. 2, 2023.