A link-layer-based self-replicating vulnerability discovery agent

With malicious attacks increasing in speed and propagation intelligence, especially under steadily shrinking time-windows between the announcement of a vulnerability and its exploitation, the need of innovative vulnerability detection techniques increase. Complex and large scale networks, that encounter frequent network devices association and disassociation, make asset management a difficult task. In this paper we propose an effective method to probe for vulnerabilities within an enterprise network, by plotting agents during its gradual propagation. The method utilizes Layer two topology information collected from network switches to achieve minimum bandwidth usage and maximize network coverage.