US 12,393,694 B2
Computer-implemented method for testing the cybersecurity of a target environment
Abdelkader Lahmadi, Le Chesnay (FR); Jérôme Francois, Le Chesnay (FR); and Frédéric Beck, Le Chesnay (FR)
Assigned to INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET EN AUTOMATIQUE (INRIA), Le Chesnay (FR)
Appl. No. 18/007,362
Filed by INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET EN AUTOMATIQUE (INRIA), Le Chesnay (FR)
PCT Filed Jul. 28, 2021, PCT No. PCT/FR2021/051410
§ 371(c)(1), (2) Date Jan. 30, 2023,
PCT Pub. No. WO2022/023671, PCT Pub. Date Feb. 3, 2022.
Claims priority of application No. 2008218 (FR), filed on Jul. 31, 2020.
Prior Publication US 2023/0222223 A1, Jul. 13, 2023
Int. Cl. G06F 21/57 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 2221/034 (2013.01)] 9 Claims
OG exemplary drawing
 
1. A computer-implemented method for testing cybersecurity of a target environment, comprising operations including:
a) receiving target environment data comprising software elements;
b) accessing a database of vulnerabilities, each vulnerability being defined by a tuple associating a vulnerability identifier, a list of means defining the means used to exploit the vulnerability, and a list of consequences defining the consequences for exploiting the vulnerability, and extracting therefrom a list of vulnerabilities comprising all of the vulnerabilities comprising a vulnerability identifier associated with a software element included in the target environment data;
c) building a list of vulnerability chains based on the list of vulnerabilities by initialising at least one pair comprising an empty list as the current list and one of the vulnerabilities from the list of vulnerabilities as the current vulnerability, and for each couple, by executing the following operations
c)1) for each given vulnerability of the list of vulnerabilities distinct from the current vulnerability and absent from the tuples in the current list, comparing the consequences of the current vulnerability with the means of the given vulnerability, and,
c)2) whenever a similarity between a consequence of the list of consequences of the current vulnerability with a means of the list of means of the given vulnerability is found,
c)2)i) defining one or more new chains by adding to each of the chains of the current list whose last tuple includes the current vulnerability a tuple associating the given vulnerability, a similarity identifier, the consequence of the list of consequences of the current vulnerability, and the means of the list of means of the given vulnerability,
c)2)ii) adding the new chain(s) to the list of vulnerability chains,
c)2)iii) repeating the operations a) and b) with the given vulnerability as the current vulnerability, and the list of vulnerability chains as the current list.