Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

A quantitative evaluation of vulnerability scanning

A quantitative evaluation of vulnerability scanning Purpose – The purpose of this paper is to evaluate if automated vulnerability scanning accurately identifies vulnerabilities in computer networks and if this accuracy is contingent on the platforms used. Design/methodology/approach – Both qualitative comparisons of functionality and quantitative comparisons of false positives and false negatives are made for seven different scanners. The quantitative assessment includes data from both authenticated and unauthenticated scans. Experiments were conducted on a computer network of 28 hosts with various operating systems, services and vulnerabilities. This network was set up by a team of security researchers and professionals. Findings – The data collected in this study show that authenticated vulnerability scanning is usable. However, automated scanning is not able to accurately identify all vulnerabilities present in computer networks. Also, scans of hosts running Windows are more accurate than scans of hosts running Linux. Research limitations/implications – This paper focuses on the direct output of automated scans with respect to the vulnerabilities they identify. Areas such as how to interpret the results assessed by each scanner (e.g. regarding remediation guidelines) or aggregating information about individual vulnerabilities into risk measures are out of scope. Practical implications – This paper describes how well automated vulnerability scanners perform when it comes to identifying security issues in a network. The findings suggest that a vulnerability scanner is a useable tool to have in your security toolbox given that user credentials are available for the hosts in your network. Manual effort is however needed to complement automated scanning in order to get satisfactory accuracy regarding network security problems. Originality/value – Previous studies have focused on the qualitative aspects on vulnerability assessment. This study presents a quantitative evaluation of seven of the most popular vulnerability scanners available on the market. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Information Management & Computer Security Emerald Publishing

A quantitative evaluation of vulnerability scanning

Download PDF
17 pages

Loading next page...
 
/lp/emerald-publishing/a-quantitative-evaluation-of-vulnerability-scanning-44iZYmHi1b
Publisher
Emerald Publishing
Copyright
Copyright © 2011 Emerald Group Publishing Limited. All rights reserved.
ISSN
0968-5227
DOI
10.1108/09685221111173058
Publisher site
See Article on Publisher Site

Abstract

Purpose – The purpose of this paper is to evaluate if automated vulnerability scanning accurately identifies vulnerabilities in computer networks and if this accuracy is contingent on the platforms used. Design/methodology/approach – Both qualitative comparisons of functionality and quantitative comparisons of false positives and false negatives are made for seven different scanners. The quantitative assessment includes data from both authenticated and unauthenticated scans. Experiments were conducted on a computer network of 28 hosts with various operating systems, services and vulnerabilities. This network was set up by a team of security researchers and professionals. Findings – The data collected in this study show that authenticated vulnerability scanning is usable. However, automated scanning is not able to accurately identify all vulnerabilities present in computer networks. Also, scans of hosts running Windows are more accurate than scans of hosts running Linux. Research limitations/implications – This paper focuses on the direct output of automated scans with respect to the vulnerabilities they identify. Areas such as how to interpret the results assessed by each scanner (e.g. regarding remediation guidelines) or aggregating information about individual vulnerabilities into risk measures are out of scope. Practical implications – This paper describes how well automated vulnerability scanners perform when it comes to identifying security issues in a network. The findings suggest that a vulnerability scanner is a useable tool to have in your security toolbox given that user credentials are available for the hosts in your network. Manual effort is however needed to complement automated scanning in order to get satisfactory accuracy regarding network security problems. Originality/value – Previous studies have focused on the qualitative aspects on vulnerability assessment. This study presents a quantitative evaluation of seven of the most popular vulnerability scanners available on the market.

Journal

Information Management & Computer SecurityEmerald Publishing

Published: Oct 11, 2011

Keywords: Computer security; Information technology; Management; Information security modelling; Computer networks; Assessments; Auditing

References

  • An automated framework for managing security vulnerabilities
    Al‐Ayed, A.; Furnell, S.M.; Zhao, D.; Dowland, P.S.
  • Network vulnerability assessment management
    Andress, M.
  • AVDS
    Beyond Security
  • Vulnerability Management: Tools, Challenges and Best Practices
    Brackin, C.
  • Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR
    Chu, M.; Ingols, K.; Lippmann, R.; Webster, S.; Boyer, S.
  • Core Impact
    Core Security
  • FusionVM
    Critical Watch
  • Why Johnny can't pentest: an analysis of black‐box web vulnerability scanners
    Doupé, A.; Cova, M.; Vigna, G.
  • Retina network security scanner
    eEye
  • Web application scanners: definitions and functions
    Fong, E.; Okun, V.
  • Building a test suite for web application scanners
    Fong, E.; Fong, E.; Gaucher, R.; Okun, V.; Black, P.E.; Dalci, E.
  • Vulnerability assessment scanners
    Forristal, J.; Shipley, G.
  • Security analysers: administrator assistants or hacker helpers?
    Furnell, S.M.; Chiliarchaki, P.; Dowland, P.S.
  • GFI LANguard
    GFI
  • SAT‐solving approaches to context‐aware enterprise network security management
    Homer, J.; Ou, X.
  • Practical attack graph generation for network defense
    Ingols, K.; Lippmann, R.; Piwowarski, K.
  • Topological analysis of network attack vulnerability
    Jajodia, S.; Noel, S.; O'Berry, B.
  • MarketScope for Vulnerability Assessment
    Kavanagh, K.M.; Nicolett, M.; Pescatore, J.
  • A comparative study of anomaly detection schemes in network intrusion detection
    Lazarevic, A.; Ertoz, L.; Ozgur, A.; Srivastava, J.; Kumar, V.
  • Patchlink Scan
    Lumension
  • McAfee Vulnerability Manager
    McAfee
  • Virtualization performance: perspectives and challenges ahead
    McDougall, R.; Anderson, J.
  • Network Security Assessment: From Vulnerability to Patch
    Manzuik, S.; Pfeil, K.; Gold, A.
  • A complete guide to the Common Vulnerability Scoring System (CVSS)
    Mell, P.; Scarfone, K.; Romanosky, S.
  • nCircle IP360
    nCircle
  • Advances in topological vulnerability analysis
    Noel, S.; Noel, S.; Noel, S.; Elder, M.; Sushil, J.; Kalapa, P.; O'Hare, S.; Prole, K.
  • National Vulnerability Database
    NVD
  • MulVAL: a logic‐based network security analyzer
    Ou, X.; Govindavajhala, S.; Appel, A.W.
  • Expanding topological vulnerability analysis to intrusion detection through the incident response intelligence system
    Patsos, D.; Mitropoulos, S.; Douligeris, C.
  • QualysGuard Enterprise
    Qualys
  • Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.0
    Quinn, S.; Waltermire, D.; Johnson, C.; Scarfone, K.; Banghart, J.
  • NeXpose
    Rapid7
  • SAINT
    Saint Corporation
  • Information Assurance Report – Vulnerability Assessment
    Skousen, R.A.
  • A probabilistic relational model for security risk analysis
    Sommestad, T.; Ekstedt, M.; Johnson, P.
  • Security mistakes in information system deployment
    Sommestad, T.; Ekstedt, M.; Holm, H.; Afzal, M.
  • Vulnerability assessment
    Stephenson, P.
  • On risk: perception and direction
    Stewart, A.
  • ProtectPoint
    Still Secure
  • SecureFusion portal
    Symantec
  • Nessus
    Tenable
  • Trustwave
    Trustwave
  • User acceptance of information technology: toward a unified view
    Venkatesh, V.; Morris, M.G.; Davis, F.D.; Davis, G.B.
  • The impact of virtualization on network performance of Amazon EC2 Data Center
    Wang, G.; Ng, T.
  • The Forrester Wave™: Vulnerability Management, Q2 2010
    Wang, C.; Balaouras, S.; Coit, L.
  • Applied Statistics: From Bivariate Through Multivariate Techniques
    Warner, R.M.
  • Vulnerability Management Tools for COTS Software‐A Comparison
    Welberg, S.
  • Preparation, detection, and analysis: the diagnostic work of IT security incident response
    Werlinger, R.; Muldner, K.; Hawkey, K.; Beznosov, K.
  • Analyzing and modeling the performance in xen‐based virtual cluster environment
    Ye, K.; Jiang, X.; Chen, S.; Huang, D.; Nang, B.