Další formáty:
BibTeX
LaTeX
RIS
@inproceedings{39021, author = {Laštovička, Martin and Husák, Martin and Sadlek, Lukáš}, address = {Budapest, Hungary}, booktitle = {NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium}, doi = {http://dx.doi.org/10.1109/NOMS47738.2020.9110394}, keywords = {network scanning; network monitoring; vulnerability assessment}, howpublished = {elektronická verze "online"}, language = {eng}, location = {Budapest, Hungary}, isbn = {978-1-7281-4973-8}, pages = {1-6}, publisher = {IEEE Xplore Digital Library}, title = {Network Monitoring and Enumerating Vulnerabilities in Large Heterogeneous Networks}, url = {https://ieeexplore.ieee.org/document/9110394}, year = {2020} }
TY - JOUR ID - 39021 AU - Laštovička, Martin - Husák, Martin - Sadlek, Lukáš PY - 2020 TI - Network Monitoring and Enumerating Vulnerabilities in Large Heterogeneous Networks PB - IEEE Xplore Digital Library CY - Budapest, Hungary SN - 9781728149738 KW - network scanning KW - network monitoring KW - vulnerability assessment UR - https://ieeexplore.ieee.org/document/9110394 N2 - In this paper, we present an empirical study on vulnerability enumeration in computer networks using common network probing and monitoring tools. We conducted active network scans and passive network monitoring to enumerate software resources and their version present in the network. Further, we used the data from third-party sources, such as Internet-wide scanner Shodan. We correlated the measurements with the list of recent vulnerabilities obtained from NVD using the CPE as a common identifier used in both domains. Subsequently, we compared the approaches in terms of network coverage and precision of system identification. Finally, we present a sample list of vulnerabilities observed in our campus network. Our work helps in approximating the number of vulnerabilities and vulnerable hosts in large networks, where it is often impractical or costly to perform vulnerability scans using specialized tools, and in situations, where a quick estimate is more important than thorough analysis. ER -
LAŠTOVIČKA, Martin, Martin HUSÁK a Lukáš SADLEK. Network Monitoring and Enumerating Vulnerabilities in Large Heterogeneous Networks. Online. In \textit{NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium}. Budapest, Hungary: IEEE Xplore Digital Library, 2020, s.~1-6. ISBN~978-1-7281-4973-8. Dostupné z: https://dx.doi.org/10.1109/NOMS47738.2020.9110394.
|