• DocumentCode
    2130788
  • Title

    GVScan: Scanning Networks for Global Vulnerabilities

  • Author

    Baiardi, Fabrizio ; Coro, Fabio ; Tonelli, Federico ; Guidi, Luca

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Pisa, Pisa, Italy
  • fYear
    2013
  • fDate
    2-6 Sept. 2013
  • Firstpage
    670
  • Lastpage
    677
  • Abstract
    A global vulnerability is a set of vulnerabilities in one or several nodes of an ICT infrastructure. These vulnerabilities enable some attacks that may be sequentialized so that the privileges that each attack requires are acquired through the previous ones. Current vulnerability scanners cannot discover global vulnerabilities because they analyze each node in isolation, without correlating the vulnerabilities in the same or in distinct nodes. To discover global vulnerabilities, an analysis has to correlate node vulnerabilities according to the architecture and the topology of the infrastructure. After defining a formal analysis to discover global vulnerabilities and the corresponding attack sequences, we present GVScan, a tool to automate the analysis based upon a classification of vulnerabilities. A first application of GVScan to a real infrastructure is described together with an evaluation of its accuracy.
  • Keywords
    pattern classification; security of data; GVScan; ICT infrastructure; attack sequences; formal analysis; global vulnerability; infrastructure architecture; infrastructure topology; network scanning; node vulnerabilities; vulnerabilities classification; vulnerability scanners; Complexity theory; Correlation; Electronic mail; Network topology; Security; Standards; Topology; Attack Chain; Privilege Escalation; Remote Attack; Risk Assessment; SCADA System; Vulnerability Assessment; Vulnerability Scanning;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
  • Conference_Location
    Regensburg
  • Type

    conf

  • DOI
    10.1109/ARES.2013.88
  • Filename
    6657304