Title :
Design and Implementation of an XML-Based Penetration Testing System
Author :
Xing, Bin ; Gao, Ling ; Zhang, Jing ; Sun, Deheng
Author_Institution :
Dept. of Comput. Sci. & Technol., Northwest Univ., Xi´´an, China
Abstract :
According to the low efficiency of system testing, the longer test cycle, the single form of the test results, no standardized documents of tested results and other drawbacks of the traditional penetration testing system, this paper design and implement of an XML-based penetration testing system. The system uses SNMP, PING, Telnet and other ways to explore resource, is based on OVAL, CVE to assess vulnerability, and finally realize the function of penetration testing combining with the strategy of penetration testing. Data is transmitted by XML format in whole system, and the tested results are shown in XML format ultimately. The system can improve test efficiency, reduce cycle time, make the tested results performance-rich and unified, and the system is cross-platform, uniformity and scalability.
Keywords :
XML; program testing; CVE; OVAL; PING; SNMP; Telnet; XML format; XML-based penetration testing system; data transmission; longer test cycle; penetration testing system; standardized document; Databases; Libraries; Logic gates; Security; Servers; Testing; XML; CVE; OVAL; XML; multi-technology resource exploration; penetration testing strategy;
Conference_Titel :
Intelligence Information Processing and Trusted Computing (IPTC), 2010 International Symposium on
Conference_Location :
Huanggang
Print_ISBN :
978-1-4244-8148-4
Electronic_ISBN :
978-0-7695-4196-9
DOI :
10.1109/IPTC.2010.109
