面向企业内网的分布式漏洞检测系统

Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology Pub Date : 1900-01-01 DOI:10.1109/CCST.2005.1594863

G. Corral, A. Zaballos, X. Cadenas, A. Grané

{"title":"面向企业内网的分布式漏洞检测系统","authors":"G. Corral, A. Zaballos, X. Cadenas, A. Grané","doi":"10.1109/CCST.2005.1594863","DOIUrl":null,"url":null,"abstract":"Security must be an integral element of any network. An organization's network is the basic environment connecting all users, servers and applications. Internal network security has to ensure that the corporate network is secure; therefore it includes tracking physical, endpoint and application security issues. Security testing is a crucial instrument to control network security, but there exists a need for an automated security system which helps security analysts and testers. This paper reviews the main topics related to vulnerability assessment in intranets and proposes a new distributed system to analyze security capability and vulnerability detection in intranets. The system design and implementation is also presented. This proposal is based on the open source security testing methodology manual and it is part of a wider system for automating vulnerability detection called Consensus.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"A distributed vulnerability detection system for an intranet\",\"authors\":\"G. Corral, A. Zaballos, X. Cadenas, A. Grané\",\"doi\":\"10.1109/CCST.2005.1594863\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security must be an integral element of any network. An organization's network is the basic environment connecting all users, servers and applications. Internal network security has to ensure that the corporate network is secure; therefore it includes tracking physical, endpoint and application security issues. Security testing is a crucial instrument to control network security, but there exists a need for an automated security system which helps security analysts and testers. This paper reviews the main topics related to vulnerability assessment in intranets and proposes a new distributed system to analyze security capability and vulnerability detection in intranets. The system design and implementation is also presented. This proposal is based on the open source security testing methodology manual and it is part of a wider system for automating vulnerability detection called Consensus.\",\"PeriodicalId\":411051,\"journal\":{\"name\":\"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2005.1594863\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2005.1594863","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

摘要

安全必须是任何网络的一个组成部分。组织的网络是连接所有用户、服务器和应用程序的基本环境。内部网络安全要保证企业网络的安全;因此，它包括跟踪物理、端点和应用程序安全问题。安全测试是控制网络安全的重要手段，但需要一个自动化的安全系统来帮助安全分析人员和测试人员。本文综述了企业内部网漏洞评估的相关研究课题，提出了一种新的分布式系统来分析企业内部网的安全能力和漏洞检测。最后给出了系统的设计与实现。该提案基于开源安全测试方法手册，它是一个更广泛的自动化漏洞检测系统的一部分，称为Consensus。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A distributed vulnerability detection system for an intranet

Security must be an integral element of any network. An organization's network is the basic environment connecting all users, servers and applications. Internal network security has to ensure that the corporate network is secure; therefore it includes tracking physical, endpoint and application security issues. Security testing is a crucial instrument to control network security, but there exists a need for an automated security system which helps security analysts and testers. This paper reviews the main topics related to vulnerability assessment in intranets and proposes a new distributed system to analyze security capability and vulnerability detection in intranets. The system design and implementation is also presented. This proposal is based on the open source security testing methodology manual and it is part of a wider system for automating vulnerability detection called Consensus.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology

自引率

0.00%

发文量