Intelligent System for Automation of Security Audits (SIAAS)

Authors

DOI:

https://doi.org/10.4108/eetsis.3564

Keywords:

cybersecurity, security auditing, vulnerability scanner, free open-source software (FOSS)

Abstract

Events related to cybersecurity failures have a high and growing financial, operational, and reputational impact on organizations around the world. At the same time, there is a shortage of cybersecurity professionals. In addition, training professionals with the necessary cybersecurity skills is expensive and time-consuming. Taking these facts into consideration, this research focused on the automation of cybersecurity processes, specifically those related to continuous vulnerability detection. To address this problem, a cybersecurity vulnerability scanner was developed that is free to the community and requires no prior expertise on the part of the operator. The artifact was tested by companies in the IT business, by systems engineers, most without a cybersecurity background. The results demonstrated that the artifact was easy to install and that the operator can use the reported results to secure the systems involved automatically and proactively.

Published

20-10-2023

How to Cite

1. Seara JP, Serrão C. Intelligent System for Automation of Security Audits (SIAAS). EAI Endorsed Scal Inf Syst [Internet]. 2023 Oct. 20 [cited 2024 Apr. 29];11(1). Available from: https://publications.eai.eu/index.php/sis/article/view/3564