Proceedings of the 11th European Workshop on Systems Security 2018
DOI: 10.1145/3193111.3193116
|View full text |Cite
|
Sign up to set email alerts
|

Towards Automated Vulnerability Scanning of Network Servers

Abstract: We explore a new technique for safe patch fingerprinting to automate vulnerability scanning of network servers. Our technique helps automate the discovery of inputs that safely discriminate vulnerable from patched servers for the latest vulnerabilities. This enables rapid updates to vulnerability scanning tools as new software vulnerabilities are discovered, allowing administrators to scan and secure their networks more quickly. To ensure such scans are safe and ethical, we need to reject inputs with malicious… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
7
0

Year Published

2019
2019
2023
2023

Publication Types

Select...
4
3
1

Relationship

0
8

Authors

Journals

citations
Cited by 14 publications
(7 citation statements)
references
References 9 publications
0
7
0
Order By: Relevance
“…Ref. [29] exemplifies automated vulnerability checking but restricted to network servers on the basis of the pure networking traffic characteristics. Ref.…”
Section: Related Workmentioning
confidence: 99%
“…Ref. [29] exemplifies automated vulnerability checking but restricted to network servers on the basis of the pure networking traffic characteristics. Ref.…”
Section: Related Workmentioning
confidence: 99%
“…[90] Surveys and overviews is paper summarizes the field of software vulnerability examination and discovery that uses machine learning and data mining approaches. [91] Security and privacy is paper talks about safe patch fingerprinting.…”
Section: Hybrid Reputation Modelmentioning
confidence: 99%
“…In addition, their methods are also time-consuming: they need more than 9 days to measure a dataset of 200,000 websites. They focus on determining whether a given input propagates, rather than efficiently finding the propagating inputs, for arbitrary vulnerabilities [12], [14]. The second group performs the scanning of the Internet ipv4 protocol for a specifically defined subject area, such as hosted services, SSL/TLS, vulnerabilities or specific software or protocol vulnerabilities by using mass scan tools such as ZMAp, Nmap and Massscan [15]- [17].…”
Section: Overview Of the Previous Workmentioning
confidence: 99%