开发一种确保路由器安全的渗透测试方法，并在虚拟实验室进行测试

Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI:10.1145/2799979.2799989

E. Küçüksille, Mehmet Ali Yalçinkaya, Samet Ganal

{"title":"开发一种确保路由器安全的渗透测试方法，并在虚拟实验室进行测试","authors":"E. Küçüksille, Mehmet Ali Yalçinkaya, Samet Ganal","doi":"10.1145/2799979.2799989","DOIUrl":null,"url":null,"abstract":"In today's world of informatics, penetration tests becoming one of the most important factors in ensuring corporate information security. Penetration test methodologies provided to this day for ensuring information security have mostly concentrated on network components such as servers and firewalls. The fact that there has not been sufficient focus on router security in the penetration tests that have been conducted leads to major problems in ensuring corporate information security. This study presents a router penetration test methodology consisting of three steps to ensure full range router security. The effectiveness of the methodology presented was analyzed in a virtual penetration test laboratory, for which the design is provided in this study. Following the test trials, it was observed that the presented test methodology enables the common security vulnerabilities occurring on routers to be controlled in order.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Developing a penetration test methodology in ensuring router security and testing it in a virtual laboratory\",\"authors\":\"E. Küçüksille, Mehmet Ali Yalçinkaya, Samet Ganal\",\"doi\":\"10.1145/2799979.2799989\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In today's world of informatics, penetration tests becoming one of the most important factors in ensuring corporate information security. Penetration test methodologies provided to this day for ensuring information security have mostly concentrated on network components such as servers and firewalls. The fact that there has not been sufficient focus on router security in the penetration tests that have been conducted leads to major problems in ensuring corporate information security. This study presents a router penetration test methodology consisting of three steps to ensure full range router security. The effectiveness of the methodology presented was analyzed in a virtual penetration test laboratory, for which the design is provided in this study. Following the test trials, it was observed that the presented test methodology enables the common security vulnerabilities occurring on routers to be controlled in order.\",\"PeriodicalId\":293190,\"journal\":{\"name\":\"Proceedings of the 8th International Conference on Security of Information and Networks\",\"volume\":\"15 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 8th International Conference on Security of Information and Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2799979.2799989\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 8th International Conference on Security of Information and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2799979.2799989","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

在当今的信息学世界中，渗透测试成为确保企业信息安全的最重要因素之一。迄今为止，为确保信息安全而提供的渗透测试方法主要集中在服务器和防火墙等网络组件上。在已进行的渗透测试中，对路由器安全性的关注不够，导致在确保企业信息安全方面存在重大问题。本研究提出一种路由器渗透测试方法，包括三个步骤，以确保全面的路由器安全性。在一个虚拟渗透测试实验室中对所提出方法的有效性进行了分析，并给出了设计方案。在测试试验之后，观察到所提出的测试方法可以按顺序控制路由器上发生的常见安全漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Developing a penetration test methodology in ensuring router security and testing it in a virtual laboratory

In today's world of informatics, penetration tests becoming one of the most important factors in ensuring corporate information security. Penetration test methodologies provided to this day for ensuring information security have mostly concentrated on network components such as servers and firewalls. The fact that there has not been sufficient focus on router security in the penetration tests that have been conducted leads to major problems in ensuring corporate information security. This study presents a router penetration test methodology consisting of three steps to ensure full range router security. The effectiveness of the methodology presented was analyzed in a virtual penetration test laboratory, for which the design is provided in this study. Following the test trials, it was observed that the presented test methodology enables the common security vulnerabilities occurring on routers to be controlled in order.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 8th International Conference on Security of Information and Networks

自引率

0.00%

发文量