University of Khartoum

Design and Implementation of An Automated Vulnerability Assessment Software University of Khartoum

Title: Design and Implementation of An Automated Vulnerability Assessment Software University of Khartoum
Author: Farah, Khaled Abdulraheem Mohammed
Abstract: Network security has been a major concern for network operators. Many factors may affect an infrastructure’s availability, integrity and confidentiality, such as server misconfiguration, outdated services, firewall misconfiguration and improper operational practices (weak passwords, misconfigured ACLs, etc.). Early detection of vulnerabilities helps network operators avoid being compromised by applying corrective and preventive actions, such as applying security updates, hardening firewall rules, secure coding and applying strict operational controls. One of the most effective ways to detect vulnerabilities in a given infrastructure is vulnerability analysis and assessment. Vulnerability assessment is the process of identifying and ranking the risks of vulnerabilities in a system’s assets. Many tools and applications have been developed to scan and protect networks against such misconfigurations and weaknesses, but most of these tools operate manually, which does not achieve the early detection goal. The early detection goal is achieved by automating the vulnerability assessment process, which is the main project goal. The automation is done by integrating several tools with the main software program. The program operates in a cyclic manner with a period determined by the network operator. In each cycle, the program scans the networks, tests the hosts it finds for vulnerabilities and stores the findings in the project’s central database. The project also generates reports by integrating the program with a special reporting engine, which provides many visual formats for the reports, summarized or detailed. After preparing the testing lab and running the software against it, viable reports were extracted that prove the software’s success in identifying vulnerabilities and their causes, generating a series of visual and live reports that help achieve the early detection goal. The reports were then merged into a live feed dashboard. The project faced some limitations, such as extracting management reports to help with decision making. A workaround to minimize this limitation was to extract reports in a unified format to be processed by other software (e.g. Microsoft Excel).
URI: http://khartoumspace.uofk.edu/123456789/25780
Date: 2017

