Chiem Trieu Phong,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2014100104

2014-01-01

International Journal of Digital Crime and Forensics

Abstract:Penetration testing is an effort to attack a system using similar techniques and tools adopted by real hackers. The ultimate goal of penetration testing is to call to light as many existing vulnerabilities as possible, then come up with practical solutions to remediate the problems; thus, enhance the system security as a whole. The paper introduces concepts and definitions related to penetration testing, together with different models and methodologies to conduct a penetration test. A wide range of penetration testing state-of-the-art, as well as related tools (both commercial and free open source available on the market) are also presented in relatively rich details.

Hui Liu,Zhitang Li

DOI: https://doi.org/10.1109/waim.2008.69

2008-01-01

Abstract:Like a network camera, in the deployment of security equipments, IDS keeps the role of monitoring and analyzing the traffic in a timely manner. It strongly prevents the intrusive motivation by the way of recording every illegal access. Unfortunately, in the same time, hackers are trying their best to evade the IDS, in order to cover up their abnormal tracks. It is very important to let the IDS keep it's own safety, especially in the network deployment policy, in which IDS keeps an undivided part. From the aspect of vulnerability, this paper lists seven threats and submits the penetration test examples respectively. Also, the paper gives some useful advices in order to strengthen IDS safety.

Aiman Al-Sabaawi,Thamer A. Alrowidhan

DOI: https://doi.org/10.48550/arXiv.2212.11449

2022-12-22

Abstract:In multi-tier network systems, custom applications, Web services and platform environments, storing data and information assets becomes a challenge for any organisation. Although there are different methods to secure network systems, the best way to test the level of security is to conduct penetration testing. In this paper, we describe how we performed live penetration testing for a particular network, namely, <a class="link-external link-http" href="http://192.168.3.0/24" rel="external noopener nofollow">this http URL</a> (Case Study) by identifying the system vulnerabilities to enable its penetration. After compromising the system, critical data (Flags) must be found, indicating our successful penetration. As professional penetration testers, we used an arsenal of penetration testing tools utilised by malicious actors on the internet, such as Nmap, Nessus, Sparta and Metasploit, etc. Typically, much effort was employed on reconnaissance & scanning phases, rather than system exploration, due to their importance in identifying security vulnerabilities in the system environment. The vulnerability analysis highlighted the most critical threats, which token is an advantage to gain access, namely, FTP services, HTTP, and human errors. However, comprising the system is not sufficient because the critical data (Flag) generally requires the administrators rights. Consequently, teams often examine the system to find a way to escalate privilege to the root level. Furthermore, some critical data (Flags) require decryption algorithms or the analysis of captured packets to make them readable. We found eight Flags and identified a system security breach. Mitigation strategies addressing the identified vulnerabilities are recommended to ensure the given networks are secured against future attacks.

Cryptography and Security

Wei Pan,Weihua Li

DOI: https://doi.org/10.1109/ICMeCG.2009.111

2009-01-01

Abstract:E-Commerce systems are suffering more and more security issues. Vulnerabilities of authentication systems are revealed when various attacks and malicious abuses are developed and deployed to violate security of system and information. To improve the ability to defend authentication system against invasion and abuse, a novel penetration testing method for E-Commerce authentication system is proposed to scrutinize the vulnerabilities of e-Commerce authentication system and evaluate severity level of potential vulnerabilities. The penetration testing method is an active vulnerability analysis and verification method that can mimic active attacks and perform exploitations by constructing effective and concise penetration testing cases. Through analyzing dynamic taint propagation, the presented method can determine feasibility of the attacks and evaluate security of authentication system. The experiment demonstrates the proposed method can serve as a viable and effective candidate for security detection of authentication system.

Liwei Wang,Robert Abbas,Fahad M. Almansour,Gurjot Singh Gaba,Roobaea Alroobaea,Mehedi Masud

DOI: https://doi.org/10.1515/jisys-2020-0145

2021-01-01

Journal of Intelligent Systems

Abstract:Abstract With the advancement of internet and the emergence of network globalization, security has always been a major concern. During the trial operation, the management control platform discussed in this article included more than 600 network security vulnerabilities in the industry, with dozens of incidents, which were promptly dealt with and rectified, effectively improving the level of network security management and protection in the industry. As networks are very much vulnerable to denial of service attacks, much more emphasis has been given to security. By improving their network security, network administrators have often tried their best. To attempt penetration testing, it is the best way of ensuring the system security. With the development of information technology, the security requirement of information system is increasing day by day. The use of penetration testing technology is conducive to the realization of accurate positioning, accurate detection, and active alarm of security vulnerabilities, and the optimization of monitoring and rectification of the combination of network security management control system. Taking penetration testing technology as one of the core elements of management and control, the risk index model is optimized to make network security management controllable and efficient, and effectively achieve management and control objectives.

Charilaos Skandylas,Mikael Asplund

2024-12-17

Abstract:Recent changes in standards and regulations, driven by the increasing importance of software systems in meeting societal needs, mandate increased security testing of software systems. Penetration testing has been shown to be a reliable method to asses software system security. However, manual penetration testing is labor-intensive and requires highly skilled practitioners. Given the shortage of cybersecurity experts and current societal needs, increasing the degree of automation involved in penetration testing can aid in fulfilling the demands for increased security testing. In this work, we formally express the penetration testing problem at the architectural level and suggest a general self-organizing architecture that can be instantiated to automate penetration testing of real systems. We further describe and implement a specialization of the architecture in the ADAPT tool, targeting systems composed of hosts and services. We evaluate and demonstrate the feasibility of ADAPT by automatically performing penetration tests with success against: Metasploitable2, Metasploitable3, and a realistic virtual network used as a lab environment for penetration tester training.

Cryptography and Security,Software Engineering

Riya Kedia,Pooja Jha,M. Dehury,Sahil Prasad Bejo,B. Kumar,Pallab Banerjee

DOI: https://doi.org/10.1109/WCONF58270.2023.10235163

2023-07-14

Abstract:Currently, because almost all interactions occur online, internet security is a critical concern. Penetration testing evaluates network and system security while also revealing security weaknesses. Piercing testing is carry out to ensure that there are no security flaws in the system or network that would permit unauthorised access. Penetration testing, often known as Pen Testing, is a collection of processes designed to track down vulnerabilities in a network or system, or online application that an attacker may exploit. It assists to confirm the effectiveness and efficiency of the different security measures put in place. This document concisely describes the foundations of penetration testing as well as illustrates how and where to deploy and utilise several tools and methodologies for penetration testing using Kali Linux for detecting system vulnerabilities: and provide a review of firewalls, networking protocols, as well as basic security problems that must be addressed in the goal of better protection of the system, ending after analysing the results.

Computer Science

Jeremy Straub

2023-06-07

Abstract:Penetration testing increases the security of systems through tasking testers to 'think like the adversary' and attempt to find the ways that an attacker would break into the system. For many systems, this can be conducted in a safe and controlled way; however, some systems are so critical to human life and safety that the risk of their failure or disablement due to active penetration testing cannot be assumed. These systems are also critical to evaluate the security of, to prevent attackers from disabling them or causing their maloperation; however, this must be done in a manner that doesn't risk the very malady that testing seeks to avoid through the testing process itself. This paper presents P2SCP, a paradigm for penetration testing of systems that cannot be subjected to the risk of penetration testing. It discusses how data collection, the creation of digital twins and cousins and evaluative analysis can be utilized to conduct virtual penetration tests on critical infrastructure systems. This proposed paradigm is analyzed through the use of several case studies.

Cryptography and Security

Daniel Dalalana Bertoglio,Arthur Gil,Juan Acosta,Julia Godoy,Roben Castagna Lunardi,Avelino Francisco Zorzo

2023-11-22

Abstract:With the increasing number of internet-based resources and applications, the amount of attacks faced by companies has increased significantly in the past years. Likewise, the techniques to test security and emulate attacks need to be constantly improved and, as a consequence, help to mitigate attacks. Among these techniques, penetration test (Pentest) provides methods to assess the security posture of assets, using different tools and methodologies applied in specific scenarios. Therefore, this study aims to present current methodologies, tools, and potential challenges applied to Pentest from an updated systematic literature review. As a result, this work provides a new perspective on the scenarios where penetration tests are performed. Also, it presents new challenges such as automation of techniques, management of costs associated with offensive security, and the difficulty in hiring qualified professionals to perform Pentest.

Cryptography and Security

Mohammed Alabbad,Neerja Mhaskar,Ridha Khedri

DOI: https://doi.org/10.1016/j.jnca.2024.103851

IF: 7.574

2024-04-01

Journal of Network and Computer Applications

Abstract:We study the problem of hardening the security of existing networks. Dynamic and static analysis are two main approaches that are used to address this problem. Dynamic analysis is performed using penetration testing. Penetration testing (short pentesting) simulates attacks on an existing and possibly dynamic network to identify its vulnerabilities without causing it any harm. Static analysis analyzes the access control policies of both network resources and firewalls without executing them. Although, dynamic and static analysis are extremely useful approaches, they also have several drawbacks. For instance, they do not identify vulnerabilities resulting from weak network segmentation, improper implementation of the Defence in Depth strategy, and an increased attack surface for a given resource or firewall. In this paper, we propose a novel approach termed as the referential penetration testing (RPT) approach to evaluate the security of networks. The RPT approach evaluates the network and checks for segmentation flaws, while checking for other traditional vulnerabilities. We then propose a novel framework, called the RPT framework, that incorporates the RPT approach to identify vulnerabilities in networks. The proposed framework is an application of the Digital Twin Technology in network security. We compare RPT to the network vulnerabilities assessment tools Nessus, OpenVAS, Qualys, Illumio, Tufin, and AlgoSec. The comparison reveals that RPT is different from the other tools on all the considered technical aspects, which indicates that it brings a novel approach to assess network segmentation. It has a very limited focus compared to the others, which makes it suitable for being used in combination with anyone of them to further enhance the robustness of the segmentation. Finally, we implement this framework in the Software Defined Network (SDN) environment and discuss its usefulness.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Krutarth Chauhan

2024-07-24

Abstract:Conventional security solutions are insufficient to address the urgent cybersecurity challenge posed by insider attacks. While a great deal of research has been done in this area, our systematic literature analysis attempts to give readers a thorough grasp of penetration testing's role in reducing insider risks. We aim to arrange and integrate the body of knowledge on insider threat prevention by using a grounded theory approach for a thorough literature review. This analysis classifies and evaluates the approaches used in penetration testing today, including how well they uncover and mitigate insider threats and how well they work in tandem with other security procedures. Additionally, we look at how penetration testing is used in different industries, present case studies with real-world implementations, and discuss the obstacles and constraints that businesses must overcome. This study aims to improve the knowledge of penetration testing as a critical part of insider threat defense, helping to create more comprehensive and successful security policies.

Cryptography and Security

Jean-Paul A. Yaacoub,Hassan N. Noura,Ola Salman,Ali Chehab

DOI: https://doi.org/10.48550/arXiv.2103.15072

2021-03-28

Abstract:Security attacks are growing in an exponential manner and their impact on existing systems is seriously high and can lead to dangerous consequences. However, in order to reduce the effect of these attacks, penetration tests are highly required, and can be considered as a suitable solution for this task. Therefore, the main focus of this paper is to explain the technical and non-technical steps of penetration tests. The objective of penetration tests is to make existing systems and their corresponding data more secure, efficient and resilient. In other terms, pen testing is a simulated attack with the goal of identifying any exploitable vulnerability or/and a security gap. In fact, any identified exploitable vulnerability will be used to conduct attacks on systems, devices, or personnel. This growing problem should be solved and mitigated to reach better resistance against these attacks. Moreover, the advantages and limitations of penetration tests are also listed. The main issue of penetration tests that it is efficient to detect known vulnerabilities. Therefore, in order to resist unknown vulnerabilities, a new kind of modern penetration tests is required, in addition to reinforcing the use of shadows honeypots. This can also be done by reinforcing the anomaly detection of intrusion detection/prevention system. In fact, security is increased by designing an efficient cooperation between the different security elements and penetration tests.

Cryptography and Security

Papa Kobina Orleans-Bosomtwe

2024-07-24

Abstract:Critical infrastructure refers to essential physical and cyber systems vital to the functioning and stability of societies and economies. These systems include key sectors such as healthcare, energy, and water supply, which are crucial for societal and economic stability and are increasingly becoming prime targets for malicious actors, including state-sponsored hackers, seeking to disrupt national security and economic stability. This paper reviews literature on critical infrastructure security, focusing on penetration testing and exploit development. It explores four main questions: the characteristics of critical infrastructure, the role and challenges of penetration testing, methodologies of exploit development, and the contribution of these practices to security and resilience. The findings of this paper reveal inherent vulnerabilities in critical infrastructure and sophisticated threats posed by cyber adversaries. Penetration testing is highlighted as a vital tool for identifying and addressing security weaknesses, allowing organizations to fortify their defenses. Additionally, understanding exploit development helps anticipate and mitigate potential threats, leading to more robust security measures. The review underscores the necessity of continuous and proactive security assessments, advocating for integrating penetration testing and exploit development into regular security protocols. By doing so, organizations can preemptively identify and mitigate risks, enhancing the overall resilience of critical infrastructure. The paper concludes by emphasizing the need for ongoing research and collaboration between the public and private sectors to develop innovative solutions for the evolving cyber threat landscape. This comprehensive review aims to provide a foundational understanding of critical infrastructure security and guide future research and practices.

Cryptography and Security

Esra Abdullatif Altulaihan,Abrar Alismail,Mounir Frikha

DOI: https://doi.org/10.3390/electronics12051229

IF: 2.9

2023-03-05

Electronics

Abstract:Websites are becoming increasingly effective communication tools. Nevertheless, web applications are vulnerable to attack and can give attackers access to sensitive information or unauthorized access to accounts. The number of vulnerabilities in web applications has increased dramatically over the past decade. Many are due to improper validation and sanitization of input. Identifying these vulnerabilities is essential for developing high-quality, secure web applications. Whenever a website is released to the public, it is required to have had penetration testing to a certain standard to ensure the security of the information. Application-level security vulnerability detection is possible for many commercial and open-source applications. However, developers are curious about which tools detect security vulnerabilities and how quickly they do so. The purpose of this study is to discuss penetration testing and how it can be implemented. This paper also explores the hazards and vulnerabilities associated with the web environment as well as the protective measures that can be taken. In addition, a comprehensive review and comparison of common web penetration testing tools is provided. The aim of this paper is to help web penetration testers choose a technology that is optimal for their requirements. The paper also sets out to guide and provide recommendations to users for choosing the best web penetration test tool and increasing their awareness of secure web environments. The study results indicate that not all web penetration testing tools offer the same features and that combining analysis tools can provide detailed information about web vulnerabilities.

engineering, electrical & electronic,computer science, information systems,physics, applied

Carlos Sarraute,Olivier Buffet,Joerg Hoffmann

DOI: https://doi.org/10.48550/arXiv.1306.4714

2013-06-20

Abstract:Penetration Testing is a methodology for assessing network security, by generating and executing possible attacks. Doing so automatically allows for regular and systematic testing without a prohibitive amount of human labor. A key question then is how to generate the attacks. This is naturally formulated as a planning problem. Previous work (Lucangeli et al. 2010) used classical planning and hence ignores all the incomplete knowledge that characterizes hacking. More recent work (Sarraute et al. 2011) makes strong independence assumptions for the sake of scaling, and lacks a clear formal concept of what the attack planning problem actually is. Herein, we model that problem in terms of partially observable Markov decision processes (POMDP). This grounds penetration testing in a well-researched formalism, highlighting important aspects of this problem's nature. POMDPs allow to model information gathering as an integral part of the problem, thus providing for the first time a means to intelligently mix scanning actions with actual exploits.

Artificial Intelligence,Cryptography and Security

Qianyu Li,Ruipeng Wang,Min Zhang,Fan Shi,Yi Shen,Miao Hu,Bingyang Guo,Chengxi Xu

DOI: https://doi.org/10.1109/tii.2024.3379633

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:Penetration testing is widely acknowledged as the foremost method for evaluating network security. However, three challenges impede the generation of strategies that align with human expectations. In this article, we present, for the first time, a method based on human feedback to enhance strategy generation. Our approach comprises two components: agent training and decision-making. During agent training, we establish a hierarchical framework to decompose tasks and a knowledge base to offer advice for improving data efficiency. We then impose constraints on the action space to mitigate ineffective exploration. Finally, we train a reward model based on human feedback and fine tune the model guided by this reward model. In decision-making, we process the model output to enhance decision accuracy. We crafted scenarios based on real-world networks, and the results demonstrate the effectiveness of our method in generating penetration testing strategies that align more closely with human intentions.

Jianbin Hu,Yonggang Wang,Cong Tang,Zhong Chen

2010-01-01

Abstract:Automatic Network Penetration Testing (ANPT) has been widely used in exploring vulnerabilities. With network topology becoming more complex, the demand of ANPT also increases quite a lot. However, due to the tool management and scale problems, etc, current ANPT methodologies and processes are not automatic enough to meet the increasing demand for network security assessment. Aiming at a higher degree of automation, this paper proposes three main challenges existing in ANPT. In response, we introduce several principles to meet the challenges, combining with some new definitions that we propose, such as Key Penetration State(KPS), and Penetration Probability(PPrb).

Chi ZHANG,Sen-lin LUO

DOI: https://doi.org/10.3969/j.issn.1671-1122.2014.04.004

2014-01-01

Abstract:Penetration test is an effective security testing method. One of the key questions in automated penetration testing is to match discovered vulnerabilities and exploitations. Two matching methods based on open ports and references are put forward in this paper. One method is to compare the port numbers of system vulnerabilities with those described in exploitations. The other one is to compare the references of vulnerabilities with those in exploitations. The experimental results show that the recall ratios of the two methods reach 96.8%and 90.3%. Both of the two methods are effective. Furthermore, they can be applied to the penetration test in practical.

P. Rajesh Kanna,P. Santhi

DOI: https://doi.org/10.1007/s12652-024-04794-y

IF: 3.662

2024-05-09

Journal of Ambient Intelligence and Humanized Computing

Abstract:The field of computer networking is experiencing rapid growth, accompanied by the swift advancement of internet tools. As a result, people are becoming more aware of the importance of network security. One of the primary concerns in ensuring security is the authority over domains, and network owners are striving to establish a common language to exchange security information and respond quickly to emerging threats. Given the increasing prevalence of various types of attacks, network security has become a significant challenge in the realm of computing. To address this, a multi-level distributed approach incorporating vulnerability identification, dimensioning, and countermeasures based on attack graphs has been developed. Implementing reconfigurable virtual systems as countermeasures significantly improves attack detection and mitigates the impact of attacks. Password-based authentication, for instance, can be susceptible to password cracking techniques, social engineering attacks, or data breaches that expose user credentials. Similarly, ensuring privacy during data transmission through encryption helps protect data from unauthorized access, but it does not guarantee the prevention of other types of attacks such as malware infiltration or insider threats. This research explores various techniques to achieve effective attack detection. Multiple research methods have been utilized and evaluated to identify the most suitable approach for network security and attack detection in the context of cloud computing. The analysis and implementation of diverse research studies demonstrate that the based signature intrusion detection method outperforms others in terms of precision, recall, F-measure, accuracy, reliability, and time complexity.

computer science, information systems,telecommunications, artificial intelligence