• Title/Summary/Keyword: network vulnerability analysis

Search Result 178, Processing Time 0.022 seconds

A quantitative assessment method of network information security vulnerability detection risk based on the meta feature system of network security data

  • Lin, Weiwei;Yang, Chaofan;Zhang, Zeqing;Xue, Xingsi;Haga, Reiko
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.12
    • /
    • pp.4531-4544
    • /
    • 2021
  • Because the traditional network information security vulnerability risk assessment method does not set the weight, it is easy for security personnel to fail to evaluate the value of information security vulnerability risk according to the calculation value of network centrality, resulting in poor evaluation effect. Therefore, based on the network security data element feature system, this study designed a quantitative assessment method of network information security vulnerability detection risk under single transmission state. In the case of single transmission state, the multi-dimensional analysis of network information security vulnerability is carried out by using the analysis model. On this basis, the weight is set, and the intrinsic attribute value of information security vulnerability is quantified by using the qualitative method. In order to comprehensively evaluate information security vulnerability, the efficacy coefficient method is used to transform information security vulnerability associated risk, and the information security vulnerability risk value is obtained, so as to realize the quantitative evaluation of network information security vulnerability detection under single transmission state. The calculated values of network centrality of the traditional method and the proposed method are tested respectively, and the evaluation of the two methods is evaluated according to the calculated results. The experimental results show that the proposed method can be used to calculate the network centrality value in the complex information security vulnerability space network, and the output evaluation result has a high signal-to-noise ratio, and the evaluation effect is obviously better than the traditional method.

Simulation-based Network Vulnerability Analysis Using the SIMVA (SIMVA를 이용한 시뮬레이션 기반의 네트워크 취약성 분석)

  • You Yong-Jun;Lee Jang-Se;Chi Sung-Do
    • Journal of the Korea Society for Simulation
    • /
    • v.13 no.3
    • /
    • pp.21-29
    • /
    • 2004
  • The major objective of this paper is to analyze network vulnerabilities using the SIMVA (SIMualtion-based Vulnerability Analyzer). SIMVA is capable of monitor network status and analyze vulnerabilities automatically. To do this, we have employed the advanced modeling and simulation concepts such as SES/MB (System Entity Structure / Model Base) framework, DEVS (Discrete Event System Specification) formalism, and experimental frame for developing network security models and simulation-based analysis of vulnerability. SIMVA can analyze static vulnerability as well as dynamic vulnerability consistently and quantitatively. In this paper, we verified and tested the capability of application of SIMVA by slammer worm attack scenario.

  • PDF

An Automatic Network Vulnerability Analysis System using Multiple Vulnerability Scanners (다양한 취약점 점검 도구를 이용한 자동화된 네트워크 취약점 통합 분석 시스템 설계)

  • Yoon, Jun;Sim, Won-Tae
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.14 no.2
    • /
    • pp.246-250
    • /
    • 2008
  • This paper presents the design of network vulnerability analysis system which can integrate various vulnerability assessment tools to improve the preciseness of the vulnerability scan result. Manual checking method performed by a security expert is the most precise and safe way. But this is not appropriate for the large-scale network which has a lot of systems and network devices. Therefore automatic scanning tool is recommended for fast and convenient use. The scanning targets may be different according to the kind of vulnerability scanners, or otherwise even for the same scanning target, the scanning items and the scanning results may be different by each vulnerability scanner, Accordingly, there are the cases in which various scanners, instead of a single scanner, are simultaneously utilized with the purpose of complementing each other. However, in the case of simultaneously utilizing various scanners on the large-scale network, the integrative analysis and relevance analysis on vulnerability information by a security manager becomes time-consumable or impossible. The network vulnerability analysis system suggested in this paper provides interface which allows various vulnerability assessment tools to easily be integrated, common policy which can be applied for various tools at the same time, and automated integrative process.

Method of Vulnerability Analysis from Layer Scanning (Layer별 Scanning을 사용한 취약성 분석 방법)

  • Chun, Woo-Sung;Park, Dea-Woo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2010.05a
    • /
    • pp.277-280
    • /
    • 2010
  • Network based on the OSI 7 Layer communication protocol is implemented, and the Internet TCP / IP Layer Based on the vulnerability is discovered and attacked. In this paper, using the programs on the network Layer Scanning conducted by the Layer-by each subsequent vulnerability analysis. Layer by Scanning each vulnerability analysis program to analyze the differences will be studied. Scanning for the studies in the program reflects the characteristics of the Scanning Features of way, and security countermeasures by each Layer is presented. The results of this study was to analyze its vulnerability to hackers and security for defense policy as the data is utilized to enhance the security of the network will contribute.

  • PDF

Vulnerability Assessment of a Large Sized Power System Using Neural Network Considering Various Feature Extraction Methods

  • Haidar, Ahmed M. A;Mohamed, Azah;Hussian, Aini
    • Journal of Electrical Engineering and Technology
    • /
    • v.3 no.2
    • /
    • pp.167-176
    • /
    • 2008
  • Vulnerability assessment of power systems is important so as to determine their ability to continue to provide service in case of any unforeseen catastrophic contingency such as power system component failures, communication system failures, human operator error, and natural calamity. An approach towards the development of on-line power system vulnerability assessment is by means of using an artificial neural network(ANN), which is being used successfully in many areas of power systems because of its ability to handle the fusion of multiple sources of data and information. An important consideration when applying ANN in power system vulnerability assessment is the proper selection and dimension reduction of training features. This paper aims to investigate the effect of using various feature extraction methods on the performance of ANN as well as to evaluate and compare the efficiency of the proposed feature extraction method named as neural network weight extraction. For assessing vulnerability of power systems, a vulnerability index based on power system loss is used and considered as the ANN output. To illustrate the effectiveness of ANN considering various feature extraction methods for vulnerability assessment on a large sized power system, it is verified on the IEEE 300-bus test system.

A Source Code Cross-site Scripting Vulnerability Detection Method

  • Mu Chen;Lu Chen;Zhipeng Shao;Zaojian Dai;Nige Li;Xingjie Huang;Qian Dang;Xinjian Zhao
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.17 no.6
    • /
    • pp.1689-1705
    • /
    • 2023
  • To deal with the potential XSS vulnerabilities in the source code of the power communication network, an XSS vulnerability detection method combining the static analysis method with the dynamic testing method is proposed. The static analysis method aims to analyze the structure and content of the source code. We construct a set of feature expressions to match malignant content and set a "variable conversion" method to analyze the data flow of the code that implements interactive functions. The static analysis method explores the vulnerabilities existing in the source code structure and code content. Dynamic testing aims to simulate network attacks to reflect whether there are vulnerabilities in web pages. We construct many attack vectors and implemented the test in the Selenium tool. Due to the combination of the two analysis methods, XSS vulnerability discovery research could be conducted from two aspects: "white-box testing" and "black-box testing". Tests show that this method can effectively detect XSS vulnerabilities in the source code of the power communication network.

Simulation-based Network Vulnerability Analysis Using the SIMVA (SIMVA를 이용한 시뮬레이션 기반의 네트워크 취약성 분석)

  • 유용준;이장세;지승도
    • Proceedings of the Korea Society for Simulation Conference
    • /
    • 2004.05a
    • /
    • pp.13-19
    • /
    • 2004
  • 본 논문은 SIMVA(Simulation Vulnerability Analyzer)를 이용한 시뮬레이션 기반의 네트워크 취약성 분석을 주목적으로 한다 SIMVA는 네트워크 상태를 감시하고, 이를 토대로 취약성을 분석하기 위하여 개발된 S/W로서, SES/MB (System Entity Structure / Model Base) 프레임워크 및 DEVS(Discrete Event System Specification) 이론을 적용하여 네트워크 보안 모델링을 수행할 수 있으며, 취약성 메트릭스를 통하여 정량적으로 취약성을 분석할 수 있다. 본 연구에서는 SIMVA를 이용하여 최근 네트워크 보안 문제에 심각한 영향을 미치는 슬래머 웜 공격 시나리오에 대한 취약성 분석을 수행함으로써 SIMVA의 검증 및 적용 가능성을 제시한다.

  • PDF

Assessing Vulnerability and Risk of Sensor Networks under Node Compromise (Node Compromise에 대한 무선 센서 네트워크의 취약성 및 위험 평가)

  • Park, Jong-Sou;Suh, Yoon-Kyung;Lee, Seul-Ki;Lee, Jang-Se;Kim, Dong-Seong
    • Convergence Security Journal
    • /
    • v.7 no.4
    • /
    • pp.51-60
    • /
    • 2007
  • It is important to assess vulnerability of network and information system to countermeasure against a variety of attack in effective and efficient way. But vulnerability and risk assessment methodology for network and information systems could not be directly applied to sensor networks because sensor networks have different properties compared to traditional network and information system. This paper proposes a vulnerability assessment framework for cluster based sensor networks. The vulnerability assessment for sensor networks is presented. Finally, the case study in cluster based sensor networks is described to show possibility of the framework.

  • PDF

Comparative Analysis of Network-based Vulnerability Scanner for application in Nuclear Power Plants (원전 적용을 위한 네트워크 기반 취약점 스캐너의 비교 분석)

  • Lim, Su-chang;Kim, Do-yeon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.10
    • /
    • pp.1392-1397
    • /
    • 2018
  • Nuclear power plants(NPPs) are protected as core facilities managed by major countries. Applying general IT technology to facilities of NPPs, the proportion of utilizing the digitized resources for the rest of the assets except for the existing installed analog type operating resources is increasing. Using the network to control the IT assets of NPPs can provide significant benefits, but the potential vulnerability of existing IT resources can lead to significant cyber security breaches that threaten the entire NPPs. In this paper, we analyze the nuclear cyber security vulnerability regulatory requirements, characteristics of existing vulnerability scanners and their requirements and investigate commercial and free vulnerability scanners. Based on the proposed application method, we can improve the efficiency of checking the network security vulnerability of NPPs when applying vulnerability scanner to NPPs.

SIEM OWASP-ZAP and ANGRY-IP Vulnerability Analysis Module and Interlocking (SIEM과 OWASP-ZAP및ANGRY-IP취약점분석모듈과 연동구현)

  • Yoon, Jong Moon
    • Convergence Security Journal
    • /
    • v.19 no.2
    • /
    • pp.83-89
    • /
    • 2019
  • In accordance with information security compliance and security regulations, there is a need to develop regular and real-time concepts for cyber-infringement attacks against network system vulnerabilities in branch and periodic forms. Vulnerability Analysis Analysis It is judged that it will be a countermeasure against new hacking attack in case of concept validation by interworking with TOOL. Vulnerability check module is standardized in event attribute management and ease of operation. Opening in terms of global sharing of vulnerability data, owasp zap / Angry ip Etc. were investigated in the SIEM system with interlocking design implementation method. As a result, it was proved that the inspection events were monitored and transmitted to the SIEM console by the vulnerability module of web and network target. In consideration of this, ESM And SIEM system In this paper, we propose a new vulnerability analysis method based on the existing information security consultation and the results of applying this study. Refer to the integrated interrelationship analysis and reference Vulnerability target Goal Hacking It is judged to be a new active concept against invasion attack.