Non-intrusive Techniques for Vulnerability Assessment of Services in Distributed Systems. (2015)
- Record Type:
- Journal Article
- Title:
- Non-intrusive Techniques for Vulnerability Assessment of Services in Distributed Systems. (2015)
- Main Title:
- Non-intrusive Techniques for Vulnerability Assessment of Services in Distributed Systems
- Authors:
- Genge, Béla
Graur, Flavius
Enăchescu, Călin - Abstract:
- Abstract: In this paper we propose an approach for non-intrusive, automated vulnerability assessment of services in distributed systems. Most of existing vulnerability assessment techniques rely on active testing, part of penetration-testing (pen-testing) programs, which assume a series of scanning, probing and exploitation techniques in order to identify possible system vulnerabilities. These approaches are considered highly effective in identifying possible vulnerable points in the network. However, their use is not always possible and recommended for testing on-line, mission-critical services. Therefore, this paper proposes an approach that combines the non-intrusive capabilities of Shodan tool with well-established vulnerability databases (National Vulnerability Database – NVD). The result is a comprehensive approach for non-intrusive vulnerability assessment of Internet-facing services, where hosts and services are interrogated from Shodan search engine and possible vulnerabilities and metrics are automatically extracted from National Vulnerability Database.
- Is Part Of:
- Procedia technology. Volume 19(2015)
- Journal:
- Procedia technology
- Issue:
- Volume 19(2015)
- Issue Display:
- Volume 19, Issue 2015 (2015)
- Year:
- 2015
- Volume:
- 19
- Issue:
- 2015
- Issue Sort Value:
- 2015-0019-2015-0000
- Page Start:
- 12
- Page End:
- 19
- Publication Date:
- 2015
- Subjects:
- non-intrusive vulnerability assessment -- shodan -- National Vulnerability Database -- penetration testing.
Technology -- Congresses
Technology -- Periodicals
Engineering -- Congresses
Engineering -- Periodicals
Engineering
Technology
Conference proceedings
Periodicals
605 - Journal URLs:
- http://www.sciencedirect.com/science/journal/22120173 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.protcy.2015.02.003 ↗
- Languages:
- English
- ISSNs:
- 2212-0173
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 6249.xml