Analysis of the automated vulnerability scanning framework: An experimental study.

摘要

Research has shown that managing information security is one of the top concerns for all business sectors and government sectors. Further, while direct financial loss is not the only threat, digital cyber terrorism is a growing concern and has gained international attention. Therefore, businesses are constantly trying to manage digital security state. In order to manage digital security state, automated vulnerability scanning tools are utilized. Multiple studies have shown that while these tools are great and have matured over last decade, they still have known detection errors. Detection errors include false-positives, false-negatives and DOS (Denial of service). A detection error typically gives a false sense of security and that creates an opportunity for digital attack. Detection errors can be reduced with smart scanning options/algorithms. This study focused on two detection errors: False positives and false negatives. The goal of this study was to understand differences in detection error rates between the original scanning technology and the improved/modified code and procedures. Results from this study demonstrated that the hybrid scanning options/algorithms assisted in reduction of detection errors. Hybrid scanning included dynamic and static scanning algorithms. Further, scanning options/algorithms were designed around configuration vulnerabilities, system vulnerabilities and web application vulnerabilities. Future study can focus on developing hybrid scanning algorithms to better assess security state of digital assets.