Publication
Framework for security assessment by exploring network scanning tools
| Summary: | Networks are essential to enable communication between devices. However, they are prone to being exploited by malicious agents. Conducting security assessments is crucial to ensuring the security of network components. Assessing vulnerabilities from an attacker’s perspective helps to identify potential risks and map the attack surface before hackers can exploit them. This approach allows security teams to anticipate and mitigate vulnerabilities. Several open source tools are available and help to evaluate network security, following a black box perspective. While these tools can be operated manually, automating them optimizes the diligent management of the complex networks that exist today. Network mapping tools provide information about the network, allowing others to use these results to focus their evaluations, making the process more efficient. The proposed solution enables network discovery, and uses the information collected to support vulnerability detection tools. In addition, this proposal uses a process manager in order to simplify the development of processing flows between various tools. This solution is encapsulated in a Docker environment to mitigate compatibility problems in different environments. To validate the solution, a vulnerability assessment was carried out in a controlled environment in the institution. This test allowed to evaluate the performance of the flows and the impact of the tools, both in the target systems and in the system where the flow is located. |
|---|---|
| Main Authors: | Fernandes, João Gil Ferreira de Sousa |
| Subject: | Vulnerability assessment Automation Open source Vulnarability scanners Docker |
| Year: | 2024 |
| Country: | Portugal |
| Document type: | master thesis |
| Access type: | open access |
| Associated institution: | Universidade de Aveiro |
| Language: | English |
| Origin: | RIA - Repositório Institucional da Universidade de Aveiro |
| Summary: | Networks are essential to enable communication between devices. However, they are prone to being exploited by malicious agents. Conducting security assessments is crucial to ensuring the security of network components. Assessing vulnerabilities from an attacker’s perspective helps to identify potential risks and map the attack surface before hackers can exploit them. This approach allows security teams to anticipate and mitigate vulnerabilities. Several open source tools are available and help to evaluate network security, following a black box perspective. While these tools can be operated manually, automating them optimizes the diligent management of the complex networks that exist today. Network mapping tools provide information about the network, allowing others to use these results to focus their evaluations, making the process more efficient. The proposed solution enables network discovery, and uses the information collected to support vulnerability detection tools. In addition, this proposal uses a process manager in order to simplify the development of processing flows between various tools. This solution is encapsulated in a Docker environment to mitigate compatibility problems in different environments. To validate the solution, a vulnerability assessment was carried out in a controlled environment in the institution. This test allowed to evaluate the performance of the flows and the impact of the tools, both in the target systems and in the system where the flow is located. |
|---|