Message d'état

PURL test ID: finland

Detecting the impact of software vulnerability on attacks: A case study of network telescope scans

TitreDetecting the impact of software vulnerability on attacks: A case study of network telescope scans
Publication TypeJournal Article
Year of Publication2021
AuthorsHoumz, A, Mezzour, G, Zkik, K, Ghogho, M, Benbrahim, H
JournalJournal of Network and Computer Applications
Volume195
Mots-clésCase-studies, Classification algorithm, CVE, Forecasting, Machine learning, Network scan, Network scanning, Network security, Network telescopes, NVD, OR-networks, Scanning, Software vulnerabilities, Telescopes, Times series
Abstract

Network scanning is one of the first steps in gathering information about a target before launching attacks. It is used to scan for vulnerable devices and exposed services in order to exploit them. Such exploits can result in data breaches or network disruption, which can be very costly for organizations. There are many factors, including technical and non-technical, affecting the volume of scanning activities. In this paper, we study the impact of vulnerability disclosure on the volume of scans over time and propose a machine learning-based approach to predict this impact. We conducted a comprehensive data collection of network scans from two network telescopes hosted in different countries, as well as the disclosed vulnerabilities from 2014 to 2019. We then designed a set of features to characterize the disclosed vulnerabilities and used several classifiers to predict whether a vulnerability will impact the volume of daily scans. The resulting classifier achieves over 85% accuracy in predicting the impact. In addition, we performed an analysis of the key characteristics of vulnerabilities that directly affect scanning activities. Our findings show that this approach is able to classify vulnerabilities that have an impact on network scans. The implementation of our model and validation tests proved the efficiency of the selected features, as well as the robustness of our model to classify vulnerabilities’ impact on scans. © 2021 Elsevier Ltd

URLhttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85116335984&doi=10.1016%2fj.jnca.2021.103230&partnerID=40&md5=1d7f8d5d4111761b27fc93badc70f925
DOI10.1016/j.jnca.2021.103230
Revues: 

Partenaires

Localisation

Suivez-nous sur

         

    

Contactez-nous

ENSIAS

Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

  Télécopie : (+212) 5 37 68 60 78

  Secrétariat de direction : 06 61 48 10 97

        Secrétariat général : 06 61 34 09 27

        Service des affaires financières : 06 61 44 76 79

        Service des affaires estudiantines : 06 62 77 10 17 / n.mhirich@um5s.net.ma

        CEDOC ST2I : 06 66 39 75 16

        Résidences : 06 61 82 89 77

Contacts

    

    Compteur de visiteurs:639,828
    Education - This is a contributing Drupal Theme
    Design by WeebPal.