Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning.
With the application of new-generation information technologies such as big data, artificial intelligence, and the energy Internet in Power Internet of Things (IoT) systems, a large number of IoT terminals, acquisition terminals, and transmission devices have achieved integrated interconnection and...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Public Library of Science (PLoS)
2025-01-01
|
| Series: | PLoS ONE |
| Online Access: | https://doi.org/10.1371/journal.pone.0323357 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850160143753281536 |
|---|---|
| author | Shoudao Sun Yi Lu Di Wu Guangyan Zhang |
| author_facet | Shoudao Sun Yi Lu Di Wu Guangyan Zhang |
| author_sort | Shoudao Sun |
| collection | DOAJ |
| description | With the application of new-generation information technologies such as big data, artificial intelligence, and the energy Internet in Power Internet of Things (IoT) systems, a large number of IoT terminals, acquisition terminals, and transmission devices have achieved integrated interconnection and comprehensive information interaction. However, this transformation also brings new challenges: the security risk of intrusions into power IoT systems has significantly increased, making the assurance of power system information security a research hotspot. Penetration testing, as an essential means of information security protection, is critical for identifying and fixing security vulnerabilities. Given the complexity of power IoT systems and the limitations of traditional manual testing methods, this paper proposes an automated penetration testing method that combines prior knowledge with deep reinforcement learning. It aims to intelligently explore optimal attack paths under conditions where the system state is unknown. By constructing an ontology knowledge model to fully utilize prior knowledge and introducing an attention mechanism to address the issue of varying state spaces, the efficiency of penetration testing can be improved. Experimental results show that the proposed method effectively optimizes path decision-making for penetration testing, providing support for the security protection of power IoT systems. |
| format | Article |
| id | doaj-art-1fb03f8977db483da584f587fb18ae2a |
| institution | OA Journals |
| issn | 1932-6203 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | Public Library of Science (PLoS) |
| record_format | Article |
| series | PLoS ONE |
| spelling | doaj-art-1fb03f8977db483da584f587fb18ae2a2025-08-20T02:23:15ZengPublic Library of Science (PLoS)PLoS ONE1932-62032025-01-01205e032335710.1371/journal.pone.0323357Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning.Shoudao SunYi LuDi WuGuangyan ZhangWith the application of new-generation information technologies such as big data, artificial intelligence, and the energy Internet in Power Internet of Things (IoT) systems, a large number of IoT terminals, acquisition terminals, and transmission devices have achieved integrated interconnection and comprehensive information interaction. However, this transformation also brings new challenges: the security risk of intrusions into power IoT systems has significantly increased, making the assurance of power system information security a research hotspot. Penetration testing, as an essential means of information security protection, is critical for identifying and fixing security vulnerabilities. Given the complexity of power IoT systems and the limitations of traditional manual testing methods, this paper proposes an automated penetration testing method that combines prior knowledge with deep reinforcement learning. It aims to intelligently explore optimal attack paths under conditions where the system state is unknown. By constructing an ontology knowledge model to fully utilize prior knowledge and introducing an attention mechanism to address the issue of varying state spaces, the efficiency of penetration testing can be improved. Experimental results show that the proposed method effectively optimizes path decision-making for penetration testing, providing support for the security protection of power IoT systems.https://doi.org/10.1371/journal.pone.0323357 |
| spellingShingle | Shoudao Sun Yi Lu Di Wu Guangyan Zhang Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning. PLoS ONE |
| title | Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning. |
| title_full | Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning. |
| title_fullStr | Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning. |
| title_full_unstemmed | Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning. |
| title_short | Intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning. |
| title_sort | intelligent penetration testing method for power internet of things systems combining ontology knowledge and reinforcement learning |
| url | https://doi.org/10.1371/journal.pone.0323357 |
| work_keys_str_mv | AT shoudaosun intelligentpenetrationtestingmethodforpowerinternetofthingssystemscombiningontologyknowledgeandreinforcementlearning AT yilu intelligentpenetrationtestingmethodforpowerinternetofthingssystemscombiningontologyknowledgeandreinforcementlearning AT diwu intelligentpenetrationtestingmethodforpowerinternetofthingssystemscombiningontologyknowledgeandreinforcementlearning AT guangyanzhang intelligentpenetrationtestingmethodforpowerinternetofthingssystemscombiningontologyknowledgeandreinforcementlearning |