Network security (Part II): Can we do a better job? "

Size: px
Start display at page:

Download "Network security (Part II): Can we do a better job? ""

Transcription

1 Network security (Part II): Can we do a better job? Rattikorn Hewett Outline State of the practices Drawbacks and Issues A proposed alternative NSF SFS Workshop August 14-18, Computer Network Computer Network How can I secure this network? Network Administrator 3 4 1

2 State of the practices State of the practices 1) Admission Control 2) Data Control Encryption Verifying the identification of authorized users Encryption/Decryption of data to be transmitted 5 6 State of the practices State of the practices 3) Infection Control 4) Security Policy ftp http SMTP Virus protection, virus removal, and infection containment Firewall policy to protect unauthorized requests from outside the network 7 8 2

3 State of the practices State of the practices Common IT Security Setup Where is the weakness of this network to hack into? Where is the weakness of this network to hack into? Encryption Encryption Attacker Attacker Secure enough? What about IDS to detect intrusion? Network Administrator Network Administrator 9 10 State of the practices Outline 4) IDS (Intrusion Detection System) Encryption I will outsmart IDS with new tricks State of the practices Drawbacks and Issues A proposed alternative Attacker IDS monitors network activities and alerts when attack patterns are detected

4 Recaps current practices & drawbacks Other Issues.. Admission control, e.g., authentication Data control, e.g., encryption Infection control, e.g., anti-virus, virus removal/containment Security policy, e.g., firewalls, RBAC(role-based access control) à Most defend attack at entering points or prevent non-targeted spreading à What about targeted attacks in the network? Intrusion detection system (IDS) à Can t prevent attacks à Can t detect unfamiliar attacks à Requires resource for continuous monitoring Computer networks are unavoidably vulnerable as long as they have to provide services Network Vulnerabilities Network Configurations Ports & services enabled Exploitable errors in Implementation of Software Services Apache Chunked-Code on Apache web servers Buffer overflow on Windows XP SP2 operating environments TNS- Listener on Oracle software for database servers Network Security Issues Network Security Issues Computer networks are vulnerable Apache Chunked-Code Buffer-Over flow Apache httpd version 1.3 through allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunkencoded HTTP request that causes Apache to use an incorrect size. Oracle TNS Listener Wu-ftpd SockPrintf Wu-ftpd restricted-gid CVE Common Vulnerability & Exposure Computer networks are vulnerable Commercial scanners can only detect network vulnerabilities at individual points

5 Network Security: Issues Outline Computer networks are vulnerable Commercial scanners can only detect network vulnerabilities at individual points Current state of the practices Issues and drawbacks A proposed alternative Perfectly secure isolated services do not guarantee secure network of combined services A preventative approach Security Model Generation Idea: Pre-determine all possible attacks from network vulnerabilities Use results to determine appropriate actions Network Vulnerabilities Security Model Configurations Generation Security Policy Prioritize critical path Model Select appropriate Analysis counter measures Attack Model: all possible chains of exploits (or exploitable vulnerabilities) Goal: To generate all possible attacks from network vulnerabilities CVE-1 CVE-3 Scanner CVE-1 CVE-2 CVE-4 Exploit CVE-1. Exploit CVE-3 Exploit CVE-4 Exploit CVE-2 Exploit CVE-1. All possible attacks Identify vulnerabilities of each computer in the network using a vulnerability scanner (e.g., Nessus, SAINT, OpenVAS) Apply all exploitable vulnerabilities for each attack state

6 Example of Simple Network Example of Simple Network Host A, access = 2 ap tns t 1 t 2 Scan the vulnerabilities ap t 1 Goal: root access tns t2 Exploit ap? Preconditions: Access on A 1 A & W are connected Example of Simple Network Example of Simple Network Host A, access = 2 Host A, access = 2 ap t 1 tns t 2 exploit ap Host W access = 2 ap tns t 1 t 2 Exploit tns? Preconditions: Access on A 1 A & D are connected

7 Example of a simple network Complete Attack Model Can you finish the rest? Host A, access = 2 ap tns t 1 t 2 Exploit tns? t 1 Not exploitable Host W, access = 1 Goal: root access of a database server Attack Model shows all possible attack paths A preventative approach Why model analysis? - Example Idea: Pre-determine all possible attacks from network vulnerabilities Use results to determine appropriate actions Network Vulnerabilities Security Model Configurations Generation Security Policy Prioritize critical path Model Select appropriate Analysis counter measures Attack Model: all possible chains of exploits (or exploitable vulnerabilities) How can we prevent attack to gain root access at IP2? v 3 = CVE wu-ftpd and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. Counter-measure 1. Upgrade wu-ftpd to version > 2.6.2, OR 2. Replace wu-ftpd with other ftpd-service, OR 3. Stop providing ftpd-service at IP2 Root access to IP

8 Why model analysis? - Example Issues How can we prevent attack to gain root access at IP2? Block v 3 into IP2 More. Block v 1 into IP2 The resulting attack models are huge even for a small network Root access at the attacker s machine How do we identify these blocks? How do we pick an appropriate block/counter measure? Which state to focus first, e.g., (IP1, 2) vs. (IP2, 1) Which is more likely to be attacked? Root access to IP2 Goal: Root access to IP2 How do we effectively analyze the huge attack model? Attack Model Analysis Exploit-based Analysis To extract useful information from security model to protect the network Visualization Group similar nodes for display [Noel & Jajodia, 05] Manual, time-consuming Non-systematic Markov model-based Estimate likelihood of attack [Sheyner et al., 02; Mehta et al.,06; PageRank] None uses knowledge about networks Handle cyclic models Graph-based Minimisation analysis to block attack paths [Jha et al, 02] Automatic Limited to specific models Our approach Exploit-based analysis Use knowledge about exploitability Prioritizes attack points in an attack model based on the ease in exploiting their vulnerabilities Easy to exploit à High exploitability à High priority (for fixing) Approach Estimate a probability distribution of intrusion for each attack state To obtain its relative chance of being attacked using the knowledge about exploitability

9 Exploitability Exploitability Atomic level Exploitability of each vulnerability Access Vector Access Complexity E.g., remote, local E.g., low efforts to exploit E.g., no or single authentication Atomic level Exploitability of each vulnerability (degrees 1à 10) High exploitability à High vulnerability à Easy to exploit Exploitability Markov Model Atomic level Exploitability of each vulnerability (degrees 1à 10) Global level Exploitability of attack states in the network topology à Based on Markov Model (Applied to PageRank) Approximates a probability distribution of dynamic behaviors randomly evolving to a stationary state à Define the probability of intrusion of each attack point recursively Markov Property: The probability distribution for the future network intrusion only depends on the current states à Repeat the computation until no change in the probability distribution approximation

10 Recurrence Equation Recurrence Equation h(u, v) = exploitability of exploits from state u to v r t (u) = probability of state u being attacked at time t d = probability that attackers continue attacking on a current path h(u, v) = exploitability of exploits from state u to v r t (u) = probability of state u being attacked at time t d = probability that attackers continue attacking on a current path If v is not an initial state Chance of continuing attack Chances of entering v Chances of exploitability of u to v v h(u,v) u If v is an initial state + Chance of entering v from all other states ExploitRank Algorithm Center for (thus, Science & maintain Engineering of Cyber a user Security access level in a Whitacre victim College host), of Engineering and to 38 obtain a denial of service (thus, gain a root access level in the victim host), respectively. Local users can exploit the last vulnerability to bypass access restrictions by changing their access permissions of a home directory via the ftp, which causes its service program, wu-ftpd to, instead, allow access of the root directory. We annotate each configuration of the network in Figure 4 with its corresponding vulnerabilities and their associated A simple labels. Illustration For example, IP2 has two vulnerabilities, namely CVE (or v 1) and CVE (or v 3). More details of these common standard vulnerabilities are described in [14, 17]. Although our approach can be applied to any form of a security model, in this study we use a host-centric attack graph model [5]. Suppose the goal of an attacker is to violate a security requirement. Based on the network configurations and the vulnerabilities shown in Figure 4, we can automatically generate a host-centric attack model as shown in Figure 5 a) by employing a model-checking tool such as NuSMV [4] as illustrated in [5]. Rank 5 Node Intrusion Likelihood S S S S S Rank 4 Center for Science & a) Engineering host-centric of Cyber attack Security graph b) exploit-based Whitacre College analysis of Engineering graph Fig. 5. Attack model analysis of the network in Figure 4. Each state is labeled by a tuple representing a host name and its access level obtained by an attacker. Thus, (Attacker, root) is an initial state since an attacker has a root access privilege on his own machine. The attacker s goal is to obtain a root access to IP2 and thus, (IP2, root) represents a goal state. As shown in Figure 5 b), we rename the states (Attacker, root), (IP1, root), (IP1, user), (IP2, user) and (IP2, root) as s 0, s 1, s 2, s 3, and s 4, respectively. Table 2. Vulnerability and exploitability. Rank 3 Rank Rank 2 40 Fig. 6. Normalized exploitab The model obtained in F normalized exploitability w rithm to estimate a probab state i to state j. The norma of the probabilities of all p one. For example, there ar to advance from state s 0, to ity values,, and, ristic value for exploiting v /( + + ) = 0.2. entry w ij = w(i, j) is shown in the algorithm is the seco fined in Equation (3). Table 3. Ranking r Applying the heuristics trank algorithm, the resu host-centric attack model a ble 3. We then apply Mehta not employ the exploitabilit shown in the second colum As shown in Table 3, th apply the heuristics is < s 4 and otherwise, 10 < s 4, s 3, s 0, s is applied (i.e., Mehta et al order of likelihood of intru ability. Both results sugge likelihood of being attack most vulnerable).

11 5 5 (thus, maintain a user access level in a victim host), and to (thus, maintain a user access level in a victim host), and to obtain a denial of service (thus, gain a root access level in the obtain a denial of service (thus, gain a root access level in the victim host), respectively. Local users can exploit the last vulnerability to bypass access restrictions by changing their ac- victim host), respectively. Local users can exploit the last vulnerability to bypass access restrictions by changing their access permissions of a home directory via the ftp, which causes cess permissions of a home directory via the ftp, which causes its service program, wu-ftpd to, instead, allow access of the its service program, wu-ftpd to, instead, allow access of the root directory. We annotate each configuration of the network Fig. 6. Normalized exploitability of the analysis graph in Figure 5 b) root directory. We annotate each configuration of the network Fig. 6. Normalized exploitability of the analysis graph in Figure 5 b) in Figure 4 with its corresponding vulnerabilities and their in Figure 4 with its corresponding vulnerabilities and their associated labels. For example, IP2 has two vulnerabilities, The model obtained in Figure 5 b) is useful in computing a associated labels. For example, IP2 has two vulnerabilities, The model obtained in Figure 5 b) is useful in computing a namely CVE (or v namely CVE (or v 1) and CVE (or v 1) 3). normalized and CVE exploitability (or w(i, v 3). normalized exploitability w(i, j) used in the ExploitRank algorithm to estimate a probability of advancing from attack in j) used in the ExploitRank algorithm More details of these common More details of these common standard vulnerabilities are standard to estimate vulnerabilities a probability are of advancing from attack in described in [14, 17]. state i to state j. The normalization is required so that the sum described in [14, 17]. Some Comparisons state i to state j. The normalization is required so that the sum Although our approach can be Although our approach can be applied to any form of a security model, in this study we use a host-centric attack graph one. use a For host-centric example, attack there are graph one. For example, there are three possible exploits applicable of applied the probabilities to any form of all of possible a security model, in this study we of the probabilities of all More possible complex attack transitions attack would model be attack transitions would be three possible exploits applicable model [5]. Suppose the goal of model [5]. Suppose the goal of In an Mehta attacker et is al.ʼs to violate approach a security requirement. Based on the network configurations and the ristic value for exploiting v to an advance attacker from is to violate state s 0, a to security requirement. Based on the ity network values configurations,, and, and respectively. the The normalized heu- to advance from state s states s 1, s 2 and s 3 with exploitabil- 0, to states s 1, s 2 and s 3 with exploitability values,, and, respectively. The normalized heu- vulnerabilities Each node has shown equal in chance Figure ristic 4, to we be value can attacked automatically for exploiting no use generate a host-centric attack model /( as shown + in Figure + ) 5 = a) 0.2. by em- A complete weight matrix, whose vof vulnerabilities shown in Figure 4, we can automatically generate a host-centric attack model as shown the degree in Figure of vulnerability 5 a) by em- exploitability entry w 2 from s 0 to s 1 can be computed as 2 from s 0 to s 1 can be computed as /( + + ) = 0.2. A complete weight matrix, whose entry w ij = w(i, j) is shown in Figure 6. Note ij = w(i, j) is shown in Figure 6. Note that in fact w(i, j) ploying a model-checking tool such as NuSMV [4] as illustrated in [5]. that in fact w(i, j) ploying a model-checking tool such as NuSMV [4] as illustrated in [5]. fined in Equation (3). in the algorithm is the second factor of the function g in the algorithm is the second factor of the function g t(v) defined in Equation Our Approach (3). t(v) de- Mehta et al.ʼs Approach Table 3. Ranking results on the attack model. From s0 () Table 3. Rank Ranking 5 results on the attack model. Rank 5 From s0-s3 (, ) Rank 3 Rank 4 From s0 From s0-s3 Rank 2 Rank 3 Rank 2 Rank 4 Rank 3 From s0 () Rank 2 Rank 1 From s From s0-s2 (, ) From s0-s2 From s0-s3 (, ) Rank 1 From s0-s3 Rank 1 Applying the heuristics obtained in Figure 6 to the ExploitRank algorithm, the results of ranking attack states in the Applying the heuristics obtained in Figure 6 to the ExploitRank More algorithm, exposures the + results of ranking attack states in the a) host-centric attack graph b) exploit-based analysis graph a) host-centric attack graph b) exploit-based analysis graph host-centric attack model are shown in the first column of Table 3. We then apply Mehta et al. s ranking approach that does host-centric attack model are shown in the first column of Table 3. We then apply Mehta et al. s ranking approach that does Fig. 5. Attack model analysis of the network More Fig. exposures 5. Attack model analysis of the network in Figure 4. in Figure 4. Easier exploit vulnerability Each state is labeled by a tuple Each state is labeled by a Center tuple for representing Science & Engineering a host of Cyber name Security and not representing employ the a exploitability host name and not employ the exploitability heuristic and obtain the results as heuristic and obtain the results as 41 its access level obtained by an its access level obtained by an attacker. Thus, (Attacker, root) shown attacker. in Thus, the second (Attacker, column root) shown in the second Center column for Science & of Engineering Table of 3. Cyber Security of Table 3. is an initial state since an attacker is an initial state since an attacker has a root access privilege As has shown a root in access Table privilege As shown in Table 3, the ranking result obtained when we 3, the ranking result obtained when we on his own machine. The attacker s goal is to obtain a root apply the heuristics is < s on his own machine. The attacker s goal is to obtain a root apply the heuristics is < s 4, s 3, s 2, s 0, s 1 > (i.e., our approach) 4, s 3, s 2, s 0, s 1 > (i.e., our approach) access to IP2 and thus, (IP2, root) represents a goal state. As and otherwise, < s access to IP2 and thus, (IP2, root) represents a goal state. As and otherwise, < s 4, s 3, s 0, s 1, s 2 > is obtained when no 4, s heuristic 3, s 0, s 1, s 2 > is obtained when no heuristic shown in Figure 5 b), we rename the states (Attacker, root), is applied (i.e., Mehta et al. s approach). The ranking is in the shown in Figure 5 b), we rename the states (Attacker, root), is applied (i.e., Mehta et al. s approach). The ranking is in the (IP1, root), (IP1, user), (IP2, user) and (IP2, root) as s (IP1, root), (IP1, user), (IP2, user) and (IP2, root) as s 0, s 1, s 0, s 1, s 2, order of likelihood of intrusion based on vulnerability exploitability. Both results suggest that s s 2, order of likelihood of intrusion based on vulnerability exploitability. Both results suggest that s 4 has the highest (relative) 4 has the highest (relative) s 3, and s 4, respectively. 3, and s 4, respectively. likelihood of being attacked (i.e., highest exploitability and Conclusions Table 2. Vulnerability likelihood and exploitability. of being attacked (i.e., highest exploitability and References Table 2. Vulnerability and exploitability. most vulnerable). most vulnerable). To further compare the ranking results, if we ignore s To further compare the ranking results, if we ignore s 0 in 0 in both ranking lists, both ranking orders generally agree except both ranking lists, both ranking orders generally agree except a conflicting case of ranking order between s a conflicting case of ranking order between s 1 and s 2. Consider 1 and s 2. Consider Current state of security practices help guard against Hewett, R.; Kijsanayothin, P., Host-Centric Model Checking for Network Vulnerability attackers from the initial attackers from the initial Analysis, state. Computer As Security shown Applications in Figure Conference, 5 b), to ACSAC Annual, illegitimate network entry access state. As shown in Figure 5 b), to reach state s reach state s 1 (e.g., from s 0, s 2 or s 3) requires exploiting 1 (e.g., vol., from no., spp.225,234, vulnerability 0, s 2 or s8-12 3) requires Dec, 2008, exploiting doi: /ACSAC vulnerability v Table network 2 shows intrusion the and exploitability network Table 2 shows the exploitability computed for each of the infection computed v 2, whereas for each to of reach the state s 2 (e.g., from 2, whereas Kijsanayothin, to reach P.; state Hewett, s s 0 or s 3) requires 2 R., (e.g., Analytical from Approach s 0 or sto 3) Attack requires exploiting vulnerability Graph Analysis for relevant vulnerabilities obtained relevant vulnerabilities obtained from publically known CVSS from exploiting publically known vulnerability CVSS Network Security, v Availability, v 1. However, according to the 1. However, Reliability, according and Security, to the ARES '10 International BUT attackers can still attack the network by exploiting as described in previous sectionbased as described in previous sectionbased on heuristic values in CVSS standard, on heuristic since values exploitability(v in CVSS standard, since Conference exploitability(v on, vol., no., pp.25,32, 1) = but exploitability(v 2) =, attack v 1 is graph 1) = but Feb, exploitability(v 2010, doi: /ARES Table network 2, we vulnerabilities obtained the corresponding (due to configuration Table 2, we obtained the corresponding attack graph for analysis as shown in Figure 5 b), where we replace the state transi- be easier we replace to reach the s 2. state For transi- be easier to reach s or software Noel, S.; Jajodia, S., Understanding complex network attack graphs through more for vulnerable analysis errors) as shown in Figure 5 b), where than 2) =, v v 2. Therefore, 1 is more vulnerable than v it should 2. Therefore, it should clustered adjacency matrices, Computer Security Applications Conference, 21st example, from initial state 2. For example, from initial state s 0, Annual reaching sby 2 requires corresponding v 1 exploit exploitaing s, vol., no., pp.10 pp.,169, 5-9 Dec, 2005, 0, doi: reach /CSAC tions of the vulnerability exploits tions of the vulnerability exploits by corresponding exploitability values in Table 2. v 1 and v 1 exploits to reach s 1. Therefore, 1 and v compared to a 2 requires v v 2 exploit or 1 exploit compared to a v a chain of 2 exploit a chain of One remedy is to aim to prevent critical possible attacks Jha, S., O. Sheyner, and J. Wing, Two formal analysis of attack graphs, in CSFW bility values in Table 2. v s 1 exploits to reach s 2 should rank '02: higher Proceedings 1. Therefore, of the 15th IEEE s 2 should workshop rank on Computer higher Security Foundations. from these vulnerabilities (not just entry points) than s than s 1. This intuitive reasoning conforms 1. This intuitive Washington, reasoning DC, conforms USA: IEEE Computer to our Society, ranking p. 49, order to our ranking order We give an example of how Mehta, V., C. Bartzis, H. Zhu, E. M. Clarke, and J. M. Wing, Ranking attack graphs, in Recent Advances in Intrusion Detection, pp , Attack model can be automatically constructed and Schiffman, Cisco CIAG, A Complete Guide to the Common Vulnerability Scoring used for security management System (CVSS), Forum Incident Response and Security Teams (http://www.first.org/) Sheyner, O., J. Haines, S. Jha, R. Lippmann, and J. Wing, Automated generation This helps address scalability of network protection and analysis of attack graphs, Proc. of the IEEE Symposium on Security and Privacy, pp ,

A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures

A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures Dr.Thaier Hamid University of Bedfordshire, UK Prof. Carsten Maple, University of Bedfordshire, UK ABSTRACT Computer networks

More information

Attack graph analysis using parallel algorithm

Attack graph analysis using parallel algorithm Attack graph analysis using parallel algorithm Dr. Jamali Mohammad (m.jamali@yahoo.com) Ashraf Vahid, MA student of computer software, Shabestar Azad University (vahid.ashraf@yahoo.com) Ashraf Vida, MA

More information

A Review on Zero Day Attack Safety Using Different Scenarios

A Review on Zero Day Attack Safety Using Different Scenarios Available online www.ejaet.com European Journal of Advances in Engineering and Technology, 2015, 2(1): 30-34 Review Article ISSN: 2394-658X A Review on Zero Day Attack Safety Using Different Scenarios

More information

ON ATTACK GRAPH MODEL OF NETWORK SECURITY. Hasmik Sahakyan, Daryoush Alipour

ON ATTACK GRAPH MODEL OF NETWORK SECURITY. Hasmik Sahakyan, Daryoush Alipour 26 ON ATTACK GRAPH MODEL OF NETWORK SECURITY Hasmik Sahakyan, Daryoush Alipour Abstract: All types of network systems are subject to computer attacks. The overall security of a network cannot be determined

More information

VEA-bility Security Metric: A Network Security Analysis Tool

VEA-bility Security Metric: A Network Security Analysis Tool VEA-bility Security Metric: A Network Security Analysis Tool Melanie Tupper Dalhousie University tupper@cs.dal.ca A. Nur Zincir-Heywood Dalhousie University zincir@cs.dal.ca Abstract In this work, we propose

More information

Attack Graph Techniques

Attack Graph Techniques Chapter 2 Attack Graph Techniques 2.1 An example scenario Modern attack-graph techniques can automatically discover all possible ways an attacker can compromise an enterprise network by analyzing configuration

More information

THREAT VISIBILITY & VULNERABILITY ASSESSMENT

THREAT VISIBILITY & VULNERABILITY ASSESSMENT THREAT VISIBILITY & VULNERABILITY ASSESSMENT Date: April 15, 2015 IKANOW Analysts: Casey Pence IKANOW Platform Build: 1.34 11921 Freedom Drive, Reston, VA 20190 IKANOW.com TABLE OF CONTENTS 1 Key Findings

More information

Software Vulnerability Assessment

Software Vulnerability Assessment Software Vulnerability Assessment Setup Guide Contents: About Software Vulnerability Assessment Setting Up and Running a Vulnerability Scan Manage Ongoing Vulnerability Scans Perform Regularly Scheduled

More information

Integrated Network Vulnerability Scanning & Penetration Testing SAINTcorporation.com

Integrated Network Vulnerability Scanning & Penetration Testing SAINTcorporation.com SAINT Integrated Network Vulnerability Scanning and Penetration Testing www.saintcorporation.com Introduction While network vulnerability scanning is an important tool in proactive network security, penetration

More information

Inspection of Vulnerabilities through Attack Graphs and Analyzing Security Metrics Used For Measuring Security in A Network.

Inspection of Vulnerabilities through Attack Graphs and Analyzing Security Metrics Used For Measuring Security in A Network. Inspection of Vulnerabilities through Attack Graphs and Analyzing Security Metrics Used For Measuring Security in A Network. R.Dhaya 1 D.Deepika 2 Associate Professor, Department of CSE, Velammal Engineering

More information

National Endowment for the Arts Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2. Exit Conference...

National Endowment for the Arts Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2. Exit Conference... NEA OIG Report No. R-13-03 Table of Contents Results of Evaluation... 1 Areas for Improvement... 2 Area for Improvement 1: The agency should implement ongoing scanning to detect vulnerabilities... 2 Area

More information

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT ADDING NETWORK INTELLIGENCE INTRODUCTION Vulnerability management is crucial to network security. Not only are known vulnerabilities propagating dramatically, but so is their severity and complexity. Organizations

More information

1 Scope of Assessment

1 Scope of Assessment CIT 380 Project Network Security Assessment Due: April 30, 2014 This project is a security assessment of a small group of systems. In this assessment, students will apply security tools and resources learned

More information

Network Security and Risk Analysis Using Attack Graphs

Network Security and Risk Analysis Using Attack Graphs Network Security and Risk Analysis Using Attack Graphs Anoop Singhal National Institute of Standards and Technology Coauthors: Lingyu Wang and Sushil Jajodia Concordia University George Mason University

More information

Advances in Topological Vulnerability Analysis

Advances in Topological Vulnerability Analysis Advances in Topological Vulnerability Analysis Steven Noel 1, Matthew Elder 2, Sushil Jajodia 1, Pramod Kalapa 1, Scott O Hare 3, Kenneth Prole 3 1 Center for Secure Information Systems, George Mason University,

More information

Vulnerability Assessment Report Format Data Model

Vulnerability Assessment Report Format Data Model I3E'2005 Vulnerability Assessment Report Format Data Model Dr.D.Polemi G.Valvis Issues Attack paradigm Vulnerability exploit life cycle Vulnerability assessment process Challenges in vulnerability assessment

More information

Using AI Techniques to improve Pentesting Automation

Using AI Techniques to improve Pentesting Automation Using AI Techniques to improve Pentesting Automation Carlos Sarraute Core Security Technologies and Ph.D. program in Informatics Engineering, ITBA Hackito Ergo Sum April 8-10, 2010 Brief presentation My

More information

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription

More information

Institut Teknologi Bandung, Jl. Ganesha 10 Bandung 40553, Indonesia

Institut Teknologi Bandung, Jl. Ganesha 10 Bandung 40553, Indonesia Volume 3, Issue 9, September 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A Review of

More information

Enterprise Software Management Systems by Using Security Metrics

Enterprise Software Management Systems by Using Security Metrics Enterprise Software Management Systems by Using Security Metrics Bhanudas S. Panchabhai 1, A. N. Patil 2 1 Department of Computer Science, R. C. Patel Arts, Commerce and Science College, Shirpur, Maharashtra,

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

Structuring a Vulnerability Description for Comprehensive Single System Security Analysis

Structuring a Vulnerability Description for Comprehensive Single System Security Analysis Structuring a Vulnerability Description for Comprehensive Single System Security Analysis Malgorzata Urbanska, Indrajit Ray, Adele E. Howe, Mark Roberts Computer Science Department Colorado State University

More information

VEA-bility Analysis of Network Diversification

VEA-bility Analysis of Network Diversification VEA-bility Analysis of Network Diversification Melanie Tupper Supervised by Nur Zincir-Heywood Faculty of Computer Science, Dalhousie University tupper@cs.dal.ca zincir@cs.dal.ca August 31, 2007 Abstract:

More information

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming 1 Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming Hussain M.J. Almohri, Member, IEEE, Layne T. Watson Fellow, IEEE, Danfeng (Daphne) Yao, Member, IEEE

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

NIST Interagency Report 7788 Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs

NIST Interagency Report 7788 Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs NIST Interagency Report 7788 Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs Anoop Singhal Ximming Ou NIST Interagency Report 7788 Security Risk Analysis of Enterprise Networks

More information

FIREWALL POLICY November 2006 TNS POL - 008

FIREWALL POLICY November 2006 TNS POL - 008 FIREWALL POLICY November 2006 TNS POL - 008 Introduction Network Security Services (NSS), a department of Technology and Network Services, operates a firewall to enhance security between the Internet and

More information

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2 Report No. 13-35 September 27, 2013 Appalachian Regional Commission Table of Contents Results of Evaluation... 1 Areas for Improvement... 2 Area for Improvement 1: The agency should implement ongoing scanning

More information

ISSN : 2347-7385. Asian Journal of Engineering and Technology Innovation 02 (05) 2014 (05-09) QR Code for Mobile users

ISSN : 2347-7385. Asian Journal of Engineering and Technology Innovation 02 (05) 2014 (05-09) QR Code for Mobile users ISSN : 2347-7385 Received on: 01-10-2014 Accepted on: 10-10-2014 Published on: 22-10-2014 Mehul Das Dept. of computerscience Dr.D.Y. PatilInsti. Of Engg. & Tech., Pune Email: Mehuldas3@gmail.com Vikram.jaygude20@gmail.com

More information

CDM Vulnerability Management (VUL) Capability

CDM Vulnerability Management (VUL) Capability CDM Vulnerability Management (VUL) Capability Department of Homeland Security Office of Cybersecurity and Communications Federal Network Resilience Vulnerability Management Continuous Diagnostics and Mitigation

More information

Quantitative Security Risk Analysis of Enterprise Systems: Techniques and Challenges Tutorial ICISS, December 2014

Quantitative Security Risk Analysis of Enterprise Systems: Techniques and Challenges Tutorial ICISS, December 2014 Quantitative Security Risk Analysis of Enterprise Systems: Techniques and Challenges Tutorial ICISS, December 2014 Anoop Singhal Computer Security Division National Institute of Standards and Technology

More information

A Novel Approach on Zero Day Attack Safety Using Different Scenarios

A Novel Approach on Zero Day Attack Safety Using Different Scenarios A Novel Approach on Zero Day Attack Safety Using Different Scenarios 1Shaik Yedulla Peer,2N. Mahesh, 3 R. Lakshmi Tulasi 2 Assist Professor, 3 Head of The Department sypeer@gmail.com Abstract-A zero day

More information

Modelling and Analysing Network Security Policies in a Given Vulnerability Setting

Modelling and Analysing Network Security Policies in a Given Vulnerability Setting Modelling and Analysing Network Security Policies in a Given Vulnerability Setting Roland Rieke Fraunhofer Institute for Secure Information Technology SIT, Darmstadt, Germany rieke@sit.fraunhofer.de Abstract.

More information

Using Vulnerable Hosts to Assess Cyber Security Risk in Critical Infrastructures

Using Vulnerable Hosts to Assess Cyber Security Risk in Critical Infrastructures Workshop on Novel Approaches to Risk and Security Management for Utility Providers and Critical Infrastructures Using Vulnerable Hosts to Assess Cyber Security Risk in Critical Infrastructures Xiaobing

More information

CDM Hardware Asset Management (HWAM) Capability

CDM Hardware Asset Management (HWAM) Capability CDM Hardware Asset Management (HWAM) Capability Department of Homeland Security Office of Cybersecurity and Communications Federal Network Resilience Table of Contents 1 PURPOSE AND SCOPE... 2 2 THREAT

More information

Metrics Suite for Enterprise-Level Attack Graph Analysis

Metrics Suite for Enterprise-Level Attack Graph Analysis Metrics Suite for Enterprise-Level Attack Graph Analysis Cyber Security Division 2012 Principal Investigators Meeting October 11, 2012 Sushil Jajodia (PI), Steven Noel (co-pi) Metrics Suite for Enterprise-Level

More information

Risk Analytics for Cyber Security

Risk Analytics for Cyber Security Risk Analytics for Cyber Security Justin Coker, VP EMEA, Skybox Security IT Challenges 2015, Belgium 2nd October 2014 www.skyboxsecurity.com justin.coker@skyboxsecurity.com +44 (0) 7831 691498 Risk Analytics

More information

VULNERABILITY SCANNERS: A PROACTIVE APPROACH TO ASSESS WEB APPLICATION SECURITY

VULNERABILITY SCANNERS: A PROACTIVE APPROACH TO ASSESS WEB APPLICATION SECURITY VULNERABILITY SCANNERS: A PROACTIVE APPROACH TO ASSESS WEB APPLICATION SECURITY Sheetal Bairwa 1, Bhawna Mewara 2 and Jyoti Gajrani 3 1,2,3 Department of Information Technology, Government Engineering

More information

Internet Firewall Vulnerability Analysis Method

Internet Firewall Vulnerability Analysis Method 1 Internet Firewall Vulnerability Analysis Method Cho Hong, LING Department of Computer Science, University of Auckland clin123@ec.auckland.ac.nz Abstract Firewall is the main defence of our network and

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

Scan Report Executive Summary. Part 2. Component Compliance Summary IP Address : 69.43.165.11

Scan Report Executive Summary. Part 2. Component Compliance Summary IP Address : 69.43.165.11 Scan Report Executive Summary Part 1. Scan Information Scan Customer Company: Date scan was completed: rsync.net ASV Company: Comodo CA Limited 06-02-2015 Scan expiration date: 08-31-2015 Part 2. Component

More information

Computer Networks & Computer Security

Computer Networks & Computer Security Computer Networks & Computer Security Software Engineering 4C03 Project Report Hackers: Detection and Prevention Prof.: Dr. Kartik Krishnan Due Date: March 29 th, 2004 Modified: April 7 th, 2004 Std Name:

More information

Performance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generation

Performance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generation Performance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generation James Cullum, Cynthia Irvine and Tim Levin Naval Postgraduate School, Monterey,

More information

Virtual Terrain: A Security-Based Representation of a Computer Network

Virtual Terrain: A Security-Based Representation of a Computer Network Virtual Terrain: A Security-Based Representation of a Computer Network Jared Holsopple* a, Shanchieh Yang b, Brian Argauer b a CUBRC, 4455 Genesee St, Buffalo, NY, USA 14225; b Dept. of Computer Engineering,

More information

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1 Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3

More information

CSE331: Introduction to Networks and Security. Lecture 18 Fall 2006

CSE331: Introduction to Networks and Security. Lecture 18 Fall 2006 CSE331: Introduction to Networks and Security Lecture 18 Fall 2006 Announcements Project 2 is due next Weds. Homework 2 has been assigned: It's due on Monday, November 6th. CSE331 Fall 2004 2 Attacker

More information

strategic white paper

strategic white paper strategic white paper AUTOMATED PLANNING FOR REMOTE PENETRATION TESTING Lloyd Greenwald and Robert Shanley LGS Innovations / Bell Labs Florham Park, NJ US In this work we consider the problem of automatically

More information

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0. Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0 Page 1 of 9 Table of Contents Table of Contents... 2 Executive Summary...

More information

IBM Managed Security Services Vulnerability Scanning:

IBM Managed Security Services Vulnerability Scanning: IBM Managed Security Services August 2005 IBM Managed Security Services Vulnerability Scanning: Understanding the methodology and risks Jerry Neely Network Security Analyst, IBM Global Services Page 2

More information

Critical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn

Critical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn Critical Infrastructure Security: The Emerging Smart Grid Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn Overview Assurance & Evaluation Security Testing Approaches

More information

EXTRA. Vulnerability scanners are indispensable both VULNERABILITY SCANNER

EXTRA. Vulnerability scanners are indispensable both VULNERABILITY SCANNER Vulnerability scanners are indispensable both for vulnerability assessments and penetration tests. One of the first things a tester does when faced with a network is fire up a network scanner or even several

More information

Web Plus Security Features and Recommendations

Web Plus Security Features and Recommendations Web Plus Security Features and Recommendations (Based on Web Plus Version 3.x) Centers for Disease Control and Prevention National Center for Chronic Disease Prevention and Health Promotion Division of

More information

Overview Commitment to Energy and Utilities Robert Held Sr. Systems Engineer Strategic Energy August 2015

Overview Commitment to Energy and Utilities Robert Held Sr. Systems Engineer Strategic Energy August 2015 Overview Commitment to Energy and Utilities Robert Held Sr. Systems Engineer Strategic Energy August 2015 Tripwire Evolution 18+ Years of Innovation 1997 Tripwire File System Monitoring from open source

More information

SNI Vulnerability Assessment Report

SNI Vulnerability Assessment Report SI Vulnerability Assessment Report Generated sample report Automated Infrastructure Discovery and Analysis Scan period 2009-04-07 10:31-2009-04-07 11:27 umber of scanned hosts 12 umber of hosts requiring

More information

Statistical Analysis of Computer Network Security. Goran Kap and Dana Ali

Statistical Analysis of Computer Network Security. Goran Kap and Dana Ali Statistical Analysis of Computer Network Security Goran Kap and Dana Ali October 7, 2013 Abstract In this thesis it is shown how to measure the annual loss expectancy of computer networks due to the risk

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of

More information

Hackers: Detection and Prevention

Hackers: Detection and Prevention Computer Networks & Computer Security SE 4C03 Project Report Hackers: Detection and Prevention Due Date: March 29 th, 2005 Modified: March 28 th, 2005 Student Name: Arnold Sebastian Professor: Dr. Kartik

More information

GFI White Paper PCI-DSS compliance and GFI Software products

GFI White Paper PCI-DSS compliance and GFI Software products White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption

More information

Commissioners Irving A. Williamson, Chairman Daniel R. Pearson Shara L. Aranoff Dean A. Pinkert David S. Johanson Meredith M.

Commissioners Irving A. Williamson, Chairman Daniel R. Pearson Shara L. Aranoff Dean A. Pinkert David S. Johanson Meredith M. The U.S. International Trade Commission is an independent, nonpartisan, quasi-judicial federal agency that provides trade expertise to both the legislative and executive branches of government, determines

More information

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming 1 Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming Hussain M.J. Almohri, Member, IEEE, Layne T. Watson, Danfeng (Daphne) Yao, Member, IEEE and Xinming

More information

IS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS

More information

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:

More information

End-user Security Analytics Strengthens Protection with ArcSight

End-user Security Analytics Strengthens Protection with ArcSight Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security

More information

Network and Host-based Vulnerability Assessment

Network and Host-based Vulnerability Assessment Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:

More information

Payment Card Industry (PCI) Executive Report 08/04/2014

Payment Card Industry (PCI) Executive Report 08/04/2014 Payment Card Industry (PCI) Executive Report 08/04/2014 ASV Scan Report Attestation of Scan Compliance Scan Customer Information Approved Scanning Vendor Information Company: A.B. Yazamut Company: Qualys

More information

Application Security Policy

Application Security Policy Purpose This document establishes the corporate policy and standards for ensuring that applications developed or purchased at LandStar Title Agency, Inc meet a minimum acceptable level of security. Policy

More information

Cisco IPS Tuning Overview

Cisco IPS Tuning Overview Cisco IPS Tuning Overview Overview Increasingly sophisticated attacks on business networks can impede business productivity, obstruct access to applications and resources, and significantly disrupt communications.

More information

CSE331: Introduction to Networks and Security. Lecture 17 Fall 2006

CSE331: Introduction to Networks and Security. Lecture 17 Fall 2006 CSE331: Introduction to Networks and Security Lecture 17 Fall 2006 Announcements Project 2 is due next Weds. Homework 2 has been assigned: It's due on Monday, November 6th. CSE331 Fall 2004 2 Summary:

More information

What a Vulnerability Assessment Scanner Can t Tell You. Leveraging Network Context to Prioritize Remediation Efforts and Identify Options

What a Vulnerability Assessment Scanner Can t Tell You. Leveraging Network Context to Prioritize Remediation Efforts and Identify Options White paper What a Vulnerability Assessment Scanner Can t Tell You Leveraging Network Context to Prioritize Remediation Efforts and Identify Options november 2011 WHITE PAPER RedSeal Networks, Inc. 3965

More information

Penetration Testing Report Client: Business Solutions June 15 th 2015

Penetration Testing Report Client: Business Solutions June 15 th 2015 Penetration Testing Report Client: Business Solutions June 15 th 2015 Acumen Innovations 80 S.W 8 th St Suite 2000 Miami, FL 33130 United States of America Tel: 1-888-995-7803 Email: info@acumen-innovations.com

More information

Measuring the Overall Security of Network Configurations Using Attack Graphs

Measuring the Overall Security of Network Configurations Using Attack Graphs Measuring the Overall Security of Network Configurations Using Attack Graphs Lingyu Wang 1, Anoop Singhal 2, and Sushil Jajodia 3 1 Concordia Institute for Information Systems Engineering Concordia University

More information

Basics of Internet Security

Basics of Internet Security Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational

More information

Five Steps to Improve Internal Network Security. Chattanooga ISSA

Five Steps to Improve Internal Network Security. Chattanooga ISSA Five Steps to Improve Internal Network Security Chattanooga ISSA 1 Find Me AverageSecurityGuy.info @averagesecguy stephen@averagesecurityguy.info github.com/averagesecurityguy ChattSec.org 2 Why? The methodical

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Guidelines for Website Security and Security Counter Measures for e-e Governance Project and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online

More information

Directory and File Transfer Services. Chapter 7

Directory and File Transfer Services. Chapter 7 Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major

More information

Analyzing HTTP/HTTPS Traffic Logs

Analyzing HTTP/HTTPS Traffic Logs Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that

More information

Advanced Vulnerability Analysis and Intrusion Detection Through Predictive Attack Graphs

Advanced Vulnerability Analysis and Intrusion Detection Through Predictive Attack Graphs Advanced Vulnerability Analysis and Intrusion Detection Through Predictive Attack Graphs Steven Noel and Sushil Jajodia Center for Secure Information Systems, George Mason University, Fairfax, VA, USA

More information

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How

This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How Network Security Is Breached Network Security Policy

More information

Understanding Security Testing

Understanding Security Testing Understanding Security Testing Choosing between vulnerability assessments and penetration testing need not be confusing or onerous. Arian Eigen Heald, M.A., Ms.IA., CNE, CISA, CISSP I. Introduction Many

More information

Self-Defending Approach of a Network

Self-Defending Approach of a Network Self-Defending Approach of a Network Anshuman Kumar 1, Abhilash Kamtam 2, Prof. U. C. Patkar 3 (Guide) 1Bharati Vidyapeeth's College of Engineering Lavale, Pune-412115, India 2Bharati Vidyapeeth's College

More information

Vulnerability Scan. January 6, 2015

Vulnerability Scan. January 6, 2015 Vulnerability Scan January 6, 2015 Results of Vulnerability Security Scan The results of your Ethos Info Vulnerability Security Scan are detailed below. The scan ran from Sat Dec 27 07:07:00 2014 UTC until

More information

Evaluation Report. Office of Inspector General

Evaluation Report. Office of Inspector General Evaluation Report OIG-08-035 INFORMATION TECHNOLOGY: Network Security at the Office of the Comptroller of the Currency Needs Improvement June 03, 2008 Office of Inspector General Department of the Treasury

More information

Running head: USING NESSUS AND NMAP TOOLS 1

Running head: USING NESSUS AND NMAP TOOLS 1 Running head: USING NESSUS AND NMAP TOOLS 1 Nessus and Nmap Overview - Scanning Networks Research Paper On Nessus and Nmap Mike Pergande Ethical Hacking North Iowa Area Community College Running head:

More information

Introduction to Laboratory Assignment 3 Vulnerability scanning with OpenVAS

Introduction to Laboratory Assignment 3 Vulnerability scanning with OpenVAS Introduction to Laboratory Assignment 3 Vulnerability scanning with OpenVAS Computer Security Course EDA263 / DIT641 Chalmers University of Technology February 12 th, 2015 Vulnerability assessment? Overview

More information

Automation Suite for. 201 CMR 17.00 Compliance

Automation Suite for. 201 CMR 17.00 Compliance WHITEPAPER Automation Suite for Assurance with LogRhythm The Massachusetts General Law Chapter 93H regulation 201 CMR 17.00 was enacted on March 1, 2010. The regulation was developed to safeguard personal

More information

EXPLORING VULNERABILITIES IN NETWORKED TELEMETRY

EXPLORING VULNERABILITIES IN NETWORKED TELEMETRY EXPLORING VULNERABILITIES IN NETWORKED TELEMETRY Authors: Felix Shonubi, Ciara Lynton, Joshua Odumosu, Daryl Moten Advisors: Dr. Richard Dean, Dr. Farzad Moazzami and Dr. Yacob Astatke Department of Electrical

More information

Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise

Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise 1. Introduction Information security means protecting information

More information

Penetration Testing. Presented by

Penetration Testing. Presented by Penetration Testing Presented by Roadmap Introduction to Pen Testing Types of Pen Testing Approach and Methodology Side Effects Demonstration Questions Introduction and Fundamentals Penetration Testing

More information

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014 Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security

More information

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat. 1 Penetration Testing NTS330 Unit 1 Penetration V1.0 February 20, 2011 Juan Ortega Juan Ortega, juaorteg@uat.edu 1 Juan Ortega, juaorteg@uat.edu 2 Document Properties Title Version V1.0 Author Pen-testers

More information

Running a Default Vulnerability Scan

Running a Default Vulnerability Scan Running a Default Vulnerability Scan A Step-by-Step Guide www.saintcorporation.com Examine. Expose. Exploit. Welcome to SAINT! Congratulations on a smart choice by selecting SAINT s integrated vulnerability

More information

Network Vulnerability Assessment Report Sorted by host names

Network Vulnerability Assessment Report Sorted by host names Netwk Vulnerability Assessment Rept Sted by host names Session name: IDC_NC Advance Total recds generated: 21 high severity: 21 Medium severity: 0 infmational: 0 Start time: 30.08.2005 11:53:50 Finish

More information

Attack Graph based Evaluation of Network Security

Attack Graph based Evaluation of Network Security Attack Graph based Evaluation of Network Security Igor Kotenko and Mikhail Stepashkin SPIIRAS, 39, 14 Liniya, St.-Petersburg, 199178, Russia {ivkote, stepashkin}@comsec.spb.ru Abstract. The perspective

More information

Detection and mitigation of Web Services Attacks using Markov Model

Detection and mitigation of Web Services Attacks using Markov Model Detection and mitigation of Web Services Attacks using Markov Model Vivek Relan RELAN1@UMBC.EDU Bhushan Sonawane BHUSHAN1@UMBC.EDU Department of Computer Science and Engineering, University of Maryland,

More information

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system

More information