Network Monitoring and Enumerating Vulnerabilities in Large Heterogeneous Networks

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F20%3A00114801" target="_blank" >RIV/00216224:14610/20:00114801 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1109/NOMS47738.2020.9110394" target="_blank" >http://dx.doi.org/10.1109/NOMS47738.2020.9110394</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/NOMS47738.2020.9110394" target="_blank" >10.1109/NOMS47738.2020.9110394</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Network Monitoring and Enumerating Vulnerabilities in Large Heterogeneous Networks

Popis výsledku v původním jazyce

In this paper, we present an empirical study on vulnerability enumeration in computer networks using common network probing and monitoring tools. We conducted active network scans and passive network monitoring to enumerate software resources and their version present in the network. Further, we used the data from third-party sources, such as Internet-wide scanner Shodan. We correlated the measurements with the list of recent vulnerabilities obtained from NVD using the CPE as a common identifier used in both domains. Subsequently, we compared the approaches in terms of network coverage and precision of system identification. Finally, we present a sample list of vulnerabilities observed in our campus network. Our work helps in approximating the number of vulnerabilities and vulnerable hosts in large networks, where it is often impractical or costly to perform vulnerability scans using specialized tools, and in situations, where a quick estimate is more important than thorough analysis.

Název v anglickém jazyce

Network Monitoring and Enumerating Vulnerabilities in Large Heterogeneous Networks

Popis výsledku anglicky

In this paper, we present an empirical study on vulnerability enumeration in computer networks using common network probing and monitoring tools. We conducted active network scans and passive network monitoring to enumerate software resources and their version present in the network. Further, we used the data from third-party sources, such as Internet-wide scanner Shodan. We correlated the measurements with the list of recent vulnerabilities obtained from NVD using the CPE as a common identifier used in both domains. Subsequently, we compared the approaches in terms of network coverage and precision of system identification. Finally, we present a sample list of vulnerabilities observed in our campus network. Our work helps in approximating the number of vulnerabilities and vulnerable hosts in large networks, where it is often impractical or costly to perform vulnerability scans using specialized tools, and in situations, where a quick estimate is more important than thorough analysis.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

<a href="/cs/project/VI20172020070" target="_blank" >VI20172020070: Výzkum nástrojů pro hodnocení kybernetické situace a podporu rozhodování CSIRT týmů při ochraně kritické infrastruktury</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2020

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium

ISBN

9781728149738

ISSN

—

e-ISSN

2374-9709

Počet stran výsledku

6

Strana od-do

1-6

Název nakladatele

IEEE Xplore Digital Library

Místo vydání

Budapest, Hungary

Místo konání akce

Budapest

Datum konání akce

1. 1. 2020

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000716920500118