- International Journal of Information Security Science
- Volume:4 Issue:3
Beyond Internet Scanning: Non-Intrusive Vulnerability Assessment of Internet-Facing Services
Authors : Bela GENGE, Piroska HALLER, Calin ENACHESCU
Pages : 81-91
Publication Date : 2015-09-29
Article Type : Research Paper
Abstract : Nowadays, the increasing number of devices and services that require direct Internet access creates new security challenges. These challenges need to meet user feature-based requirements with the companies' restrictive security policies. Therefore, security administrators need to adopt novel tools in order to quickly and non-intrusively verify the degree of exposure of Internet-facing services. In this respect, we find tools such as Shodan and ZMap, which enable scanning of services at Internet scale. This paper presents a methodology that expands the features delivered by such tools with automated vulnerability assessment capabilities. The proposed methodology builds on the results returned by Shodan, which are analyzed in order to automatically identify known vulnerabilities from the National Vulnerability Database. Experiments conducted on five university-type institutions revealed the effectiveness of the proposed approach and the high degree of service exposure, which may require immediate, yet simple, service sanitizing security measures.
Keywords : Vulnerability assessment, Internet scanning, Common Platform Enumeration (CPE), Common Vulnerability and
