Journal of Information Processing Systems

  • 제11권1호
  • /
  • Pages.104-115
  • /
  • 2015
  • /
  • 1976-913X(pISSN)
  • /
  • 2092-805X(eISSN)
한국정보처리학회 (Korea Information Processing Society)
권호 표지
DOI QR코드

DOI QR Code

Penetration Testing and Network Auditing: Linux

  • Stiawan, Deris (Dept. Computer Engineering, Faculty of Computer Science, Sriwijaya University) ;
  • Idris, Mohd. Yazid (Department of Computing, Universiti Teknologi Malaysia) ;
  • Abdullah, Abdul Hanan (Department of Computing, Universiti Teknologi Malaysia)
  • 투고 : 2013.10.28
  • 심사 : 2013.12.23
  • 발행 : 2015.03.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Along with the evolution of Internet and its new emerging services, the quantity and impact of attacks have been continuously increasing. Currently, the technical capability to attack has tended to decrease. On the contrary, performances of hacking tools are evolving, growing, simple, comprehensive, and accessible to the public. In this work, network penetration testing and auditing of the Redhat operating system (OS) are highlighted as one of the most popular OS for Internet applications. Some types of attacks are from a different side and new attack method have been attempted, such as: scanning for reconnaissance, guessing the password, gaining privileged access, and flooding the victim machine to decrease availability. Some analyses in network auditing and forensic from victim server are also presented in this paper. Our proposed system aims confirmed as hackable or not and we expect for it to be used as a reference for practitioners to protect their systems from cyber-attacks.

키워드

참고문헌

  1. E. G. Amoroso, "Cyber attacks: awareness," Network Security, vol. 2011, pp. 10-16, 2011.
  2. G. Kenneth, "The challenge of cyber attack deterrence," Computer Law & Security Review, vol. 26, pp. 298-303, 2010. https://doi.org/10.1016/j.clsr.2010.03.003
  3. W. Kim, O.-R. Jeong, C. Kim, and J. So, "The dark side of the Internet: Attacks, costs and responses," Information Systems, vol. 36, pp. 675-705, 2011. https://doi.org/10.1016/j.is.2010.11.003
  4. G. Kenneth, "Cyber Weapons Convention," Computer Law & Security Review, vol. 26, pp. 547-551, 2010. https://doi.org/10.1016/j.clsr.2010.07.005
  5. S. Zhang, J. Li, X. Chen, and L. Fan, "Building network attack graph for alert causal correlation," Computers & Security, vol. 27, pp. 188-196, 2008. https://doi.org/10.1016/j.cose.2008.05.005
  6. C. Wang, N. Du, and H. Yang, "Generation and Analysis of Attack Graphs," Procedia Engineering, vol. 29, pp. 4053-4057, 2012. https://doi.org/10.1016/j.proeng.2012.01.618
  7. H. Gascon, A. Orfila, and J. Blasco, "Analysis of update delays in signature-based network intrusion detection systems," vol. 30, pp. 613-624, 2011. https://doi.org/10.1016/j.cose.2011.08.010
  8. H. Holm, "Performance of automated network vulnerability scanning at remediating security issues," Computers & Security, vol. 31, pp. 164-175, 2012. https://doi.org/10.1016/j.cose.2011.12.014
  9. K. Helkala, N. Svendsen, P. Thorsheim, and A. Wiehe, "Cracking Associative Passwords," in Secure IT Systems. vol. 7617, A. Josang and B. Carlsson, Eds., ed: Springer Berlin Heidelberg, 2012, pp. 153-168.
  10. R. Beghdad, "Efficient deterministic method for detecting new U2R attacks," Computer Communications, vol. 32, pp. 1104-1110, 2009. https://doi.org/10.1016/j.comcom.2008.12.037
  11. S. S. C. Silva, R. M. P. Silva, R. C. G. Pinto, and R. M. Salles, "Botnets: A survey," COMPUTER NETWORKS, vol. 57, pp. 378-403, 2013. https://doi.org/10.1016/j.comnet.2012.07.021
  12. P. C. Hershey and C. B. Silio, "Procedure for detection of and response to Distributed Denial of Service cyber attacks on complex enterprise systems," in Systems Conference (SysCon), 2012 IEEE International, 2012, pp. 1-6.
  13. PCRG. (2012). Intrusion & Threat Detection Universiti Teknologi Malaysia Dataset (ITD UTM). Available: http://pcrg-utm.org/dataset/
  14. N. Hubballi, S. Biswas, S. Roopa, R. Ratti, and S. Nandi, "LAN attack detection using Discrete Event Systems," ISA Transactions, vol. 50, pp. 119-130, 2011. https://doi.org/10.1016/j.isatra.2010.08.003
  15. C. P. software. (2012). Riverbed$^{(R)}$ Cascade$^{(R)}$ Pilot software. Available: http://www.riverbed.com/us/products/cascade/cascade_pilot.php
  16. L. Yang and D. Weng, "Snort-based Campus Network Security Intrusion Detection System Information Engineering and Applications." vol. 154, R. Zhu and Y. Ma, Eds., ed: Springer London, 2012, pp. 824-831.