DocumentCode
2130788
Title
GVScan: Scanning Networks for Global Vulnerabilities
Author
Baiardi, Fabrizio ; Coro, Fabio ; Tonelli, Federico ; Guidi, Luca
Author_Institution
Dept. of Comput. Sci., Univ. of Pisa, Pisa, Italy
fYear
2013
fDate
2-6 Sept. 2013
Firstpage
670
Lastpage
677
Abstract
A global vulnerability is a set of vulnerabilities in one or several nodes of an ICT infrastructure. These vulnerabilities enable some attacks that may be sequentialized so that the privileges that each attack requires are acquired through the previous ones. Current vulnerability scanners cannot discover global vulnerabilities because they analyze each node in isolation, without correlating the vulnerabilities in the same or in distinct nodes. To discover global vulnerabilities, an analysis has to correlate node vulnerabilities according to the architecture and the topology of the infrastructure. After defining a formal analysis to discover global vulnerabilities and the corresponding attack sequences, we present GVScan, a tool to automate the analysis based upon a classification of vulnerabilities. A first application of GVScan to a real infrastructure is described together with an evaluation of its accuracy.
Keywords
pattern classification; security of data; GVScan; ICT infrastructure; attack sequences; formal analysis; global vulnerability; infrastructure architecture; infrastructure topology; network scanning; node vulnerabilities; vulnerabilities classification; vulnerability scanners; Complexity theory; Correlation; Electronic mail; Network topology; Security; Standards; Topology; Attack Chain; Privilege Escalation; Remote Attack; Risk Assessment; SCADA System; Vulnerability Assessment; Vulnerability Scanning;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
Conference_Location
Regensburg
Type
conf
DOI
10.1109/ARES.2013.88
Filename
6657304
Link To Document