{"title":"一个自动化的网络入侵过程和对策","authors":"Valkaniotis Tilemachos, C. Manifavas","doi":"10.1145/2801948.2802001","DOIUrl":null,"url":null,"abstract":"This paper presents a case study in an attempt to raise awareness on computer security. Our research showed that theoretically one could indeed build a tool capable of automating a hacking attack, functional under certain circumstances. In this work, we first discuss the fundamental concepts of a penetration testing process and afterwards we highlight a number of open source tools, frameworks and programming languages used to build an automated process (Nmap, Metasploit, Python). Then, we demonstrate how those three technologies/tools can be combined to automate the intrusion process and create a script, allowing an attacker to access a single or multiple remote systems by only typing a single command. Finally, we present some countermeasures. Overall, this paper will serve to justify not only the increase in cyber-attacks but also the decrease in the required knowledge to conduct and be successful in the attack.","PeriodicalId":305252,"journal":{"name":"Proceedings of the 19th Panhellenic Conference on Informatics","volume":"119 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"An automated network intrusion process and countermeasures\",\"authors\":\"Valkaniotis Tilemachos, C. Manifavas\",\"doi\":\"10.1145/2801948.2802001\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents a case study in an attempt to raise awareness on computer security. Our research showed that theoretically one could indeed build a tool capable of automating a hacking attack, functional under certain circumstances. In this work, we first discuss the fundamental concepts of a penetration testing process and afterwards we highlight a number of open source tools, frameworks and programming languages used to build an automated process (Nmap, Metasploit, Python). Then, we demonstrate how those three technologies/tools can be combined to automate the intrusion process and create a script, allowing an attacker to access a single or multiple remote systems by only typing a single command. Finally, we present some countermeasures. Overall, this paper will serve to justify not only the increase in cyber-attacks but also the decrease in the required knowledge to conduct and be successful in the attack.\",\"PeriodicalId\":305252,\"journal\":{\"name\":\"Proceedings of the 19th Panhellenic Conference on Informatics\",\"volume\":\"119 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 19th Panhellenic Conference on Informatics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2801948.2802001\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 19th Panhellenic Conference on Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2801948.2802001","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An automated network intrusion process and countermeasures
This paper presents a case study in an attempt to raise awareness on computer security. Our research showed that theoretically one could indeed build a tool capable of automating a hacking attack, functional under certain circumstances. In this work, we first discuss the fundamental concepts of a penetration testing process and afterwards we highlight a number of open source tools, frameworks and programming languages used to build an automated process (Nmap, Metasploit, Python). Then, we demonstrate how those three technologies/tools can be combined to automate the intrusion process and create a script, allowing an attacker to access a single or multiple remote systems by only typing a single command. Finally, we present some countermeasures. Overall, this paper will serve to justify not only the increase in cyber-attacks but also the decrease in the required knowledge to conduct and be successful in the attack.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
