Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments

机译：基准漏洞扫描程序：SCADA设备和科学仪器的实验

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Cybersecurity is a critical concern in society today. One common avenue of attack for malicious hackers is exploiting vulnerable websites. It is estimated that there are over one million websites that are attacked daily. Two emerging targets of such attacks are Supervisory Control and Data Acquisition (SCADA) devices and scientific instruments. Vulnerability assessment tools can help provide owners of these devices with the knowledge on how to protect their infrastructure. However, owners face difficulties in identifying which tools are ideal for their assessments. This research aims to benchmark two state-of-the-art vulnerability assessment tools, Nessus and Burp Suite, in the context of SCADA devices and scientific instruments. We specifically focus on identifying the accuracy, scalability, and vulnerability results of the scans. Results of our study indicate that both tools together can provide a comprehensive assessment of the vulnerabilities in SCADA devices and scientific instruments.

机译：网络安全已成为当今社会关注的重要问题。恶意黑客攻击的一种常见途径是利用易受攻击的网站。据估计，每天有超过一百万个网站受到攻击。此类攻击的两个新兴目标是监督控制和数据采集（SCADA）设备和科学仪器。漏洞评估工具可以帮助为这些设备的所有者提供有关如何保护其基础架构的知识。但是，所有者在确定哪种工具最适合其评估时面临困难。这项研究旨在在SCADA设备和科学仪器的背景下，对两个最先进的漏洞评估工具（Nessus和Burp Suite）进行基准测试。我们特别专注于确定扫描的准确性，可伸缩性和漏洞结果。我们的研究结果表明，这两种工具一起可以对SCADA设备和科学仪器中的漏洞进行全面评估。

著录项

来源
《IEEE International Conference on Intelligence and Security Informatics》|2017年|83-88|共6页
会议地点
作者
Malaka El; Emma McMahon; Sagar Samtani; Mark Patton; Hsinchun Chen;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Tools; Instruments; Benchmark testing; Servers; Scalability; Performance evaluation; IP networks;

机译：工具;仪器;基准测试;服务器;可伸缩性;性能评估; IP网络;

相似文献

外文文献
中文文献
专利

1. Intelligent devices linked via SCADA: The intelligent MCCs and field devices employed at a new water treatment works communicate over a Profibus network linked to a full scale SCADA system [J] . Suzanne Gill Automation . 2005,第7a8期

机译：通过SCADA链接的智能设备：新水处理厂采用的智能MCC和现场设备通过Profibus网络进行通信，该Profibus网络链接到完整的SCADA系统
2. Scientific instrument Femtosecond X-ray Experiments (FXE): instrumentation and baseline experimental capabilities [J] . Galler Andreas, Gawelda Wojciech, Biednov Mykola, Journal of synchrotron radiation . 2019,第5期

机译：科学仪器飞秒X射线实验（FXE）：仪器和基线实验能力
3. Addendum to papers from Axially Symmetric Divertor Experiment (ASDEX) Upgrade Team, published in Review of Scientific Instruments [J] . J. Adamek, C. Angioni, G. Antar, Review of Scientific Instruments . 2010,第3期

机译：轴向对称分流器实验（ASDEX）升级小组论文的附录，发表在《科学仪器评论》上
4. Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments [C] . Malaka El, Emma McMahon, Sagar Samtani, IEEE International Conference on Intelligence and Security Informatics . 2017

机译：基准漏洞扫描仪：SCADA设备和科学仪器的实验
5. Evaluation of Web Vulnerability Scanners Based on OWASP Benchmark [D] . Mburano, Balume 2018

机译：基于OWASP基准的Web漏洞扫描程序评估
6. Scientific instrument Femtosecond X-ray Experiments (FXE): instrumentation and baseline experimental capabilities [O] . Andreas Galler, Wojciech Gawelda, Mykola Biednov, -1

机译：科学仪器飞秒X射线实验（FXE）：仪器和基准实验能力
7. Exploiting SCADA vulnerabilities using a Human Interface Device [O] . Grigoris Tzokatziou, Leandros A. Maglaras, Helge Janicke, 2015

机译：使用人机接口设备利用sCaDa漏洞

Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments

摘要

著录项

相似文献

相关主题

期刊订阅