Performance of automated network vulnerability scanning at remediating security issues

被引:15
|
作者
Holm, Hannes [1 ]
机构
[1] Royal Inst Technol, Ind Informat & Control Syst, SE-10044 Stockholm, Sweden
来源
COMPUTERS & SECURITY | 2012年 / 31卷 / 02期
关键词
Network security; Security tools; Vulnerabilities; Vulnerability remediation; Vulnerability detection;
D O I
10.1016/j.cose.2011.12.014
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper evaluates how large portion of an enterprises network security holes that would be remediated if one would follow the remediation guidelines provided by seven automated network vulnerability scanners. Remediation performance was assessed for both authenticated and unauthenticated scans. The overall findings suggest that a vulnerability scanner is a usable security assessment tool, given that credentials are available for the systems in the network. However, there are issues with the method: manual effort is needed to reach complete accuracy and the remediation guidelines are oftentimes very cumbersome to study. Results also show that a scanner more accurate in terms of remediating vulnerabilities generally also is better at detecting vulnerabilities, but is in turn also more prone to false alarms. This is independent of whether the scanner is provided system credentials or not. (c) 2012 Elsevier Ltd. All rights reserved.
引用
收藏
页码:164 / 175
页数:12
相关论文
共 50 条
  • [11] Analysis and Protection of Computer Network Security Issues
    Ju Jinquan
    Al-Absi, Mohammed Abdulhakim
    Al-Absi, Ahmed Abdulhakim
    Lee, Hoon Jae
    2020 22ND INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT): DIGITAL SECURITY GLOBAL AGENDA FOR SAFE SOCIETY!, 2020, : 577 - 580
  • [12] Network Architecture and Security Issues in Campus Networks
    Bin Ali, Mohammed Nadir
    Rahman, M. Lutfar
    Hossain, Syed Akhter
    2013 FOURTH INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATIONS AND NETWORKING TECHNOLOGIES (ICCCNT), 2013,
  • [13] Brief Analysis for Network Security Issues in Computing Power Network
    Lan, Shizhan
    Huang, Jing
    EMERGING NETWORKING ARCHITECTURE AND TECHNOLOGIES, ICENAT 2022, 2023, 1696 : 298 - 311
  • [14] Research On SVM Detection Of Network Intrusion Based On Vulnerability Scanning
    Yang, Jie
    SEVENTH WUHAN INTERNATIONAL CONFERENCE ON E-BUSINESS, VOLS I-III, 2008, : 1286 - 1291
  • [15] Automated Software Vulnerability Detection Based on Hybrid Neural Network
    Li, Xin
    Wang, Lu
    Xin, Yang
    Yang, Yixian
    Tang, Qifeng
    Chen, Yuling
    APPLIED SCIENCES-BASEL, 2021, 11 (07):
  • [16] Design and Implement of Common Network Security Scanning System
    Liu, Wentao
    2009 INTERNATIONAL SYMPOSIUM ON INTELLIGENT UBIQUITOUS COMPUTING AND EDUCATION, 2009, : 148 - 151
  • [17] Research on Security Issues and Protection Strategy of Computer Network
    Zhu, Min
    Luo, Yong-jian
    Yang, Jun-qiang
    Xing, Ming-shun
    Zhao, Jing
    PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON ADVANCES IN MECHANICAL ENGINEERING AND INDUSTRIAL INFORMATICS (AMEII 2016), 2016, 73 : 284 - 287
  • [18] Security Issues of IPv6 Network Autoconfiguration
    Rostanski, Maciej
    Mushynskyy, Taras
    COMPUTER INFORMATION SYSTEMS AND INDUSTRIAL MANAGEMENT, CISIM 2013, 2013, 8104 : 218 - 228
  • [19] Security Issues in Mobile Adhoc Network: A Survey Paper
    Sharma, Vishnu
    Vij, Akansha
    2016 IEEE INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATION AND AUTOMATION (ICCCA), 2016, : 561 - 566
  • [20] Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool
    Wang, Yien
    Yang, Jianhua
    2017 31ST IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS WORKSHOPS (IEEE WAINA 2017), 2017, : 110 - 113
12345