Mitigating Cyber Security Attacks by Being Aware of Vulnerabilities and Bugs
Title | Mitigating Cyber Security Attacks by Being Aware of Vulnerabilities and Bugs |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Aslan, Ö, Samet, R. |
Conference Name | 2017 International Conference on Cyberworlds (CW) |
Date Published | sep |
Keywords | antivirus software, attack methodologies, composability, Computer bugs, cyber security, cyber security attacks, cyber-attack, defence strategies, Internet, Kali Linux, Linux, Metasploit Framework, Metrics, Nmap, operating system level, Penetration Test, Penetration Testing, prevention techniques, private data, program debugging, pubcrawl, resilience, Resiliency, security, security of data, software bugs, software programs, Tools, user bank accounts, valuable assets, virtualized system, Vulnerabilities and Bugs, vulnerability concepts, vulnerable applications, Windows operating system |
Abstract | Because the Internet makes human lives easier, many devices are connected to the Internet daily. The private data of individuals and large companies, including health-related data, user bank accounts, and military and manufacturing data, are increasingly accessible via the Internet. Because almost all data is now accessible through the Internet, protecting these valuable assets has become a major concern. The goal of cyber security is to protect such assets from unauthorized use. Attackers use automated tools and manual techniques to penetrate systems by exploiting existing vulnerabilities and software bugs. To provide good enough security; attack methodologies, vulnerability concepts and defence strategies should be thoroughly investigated. The main purpose of this study is to show that the patches released for existing vulnerabilities at the operating system (OS) level and in software programs does not completely prevent cyber-attack. Instead, producing specific patches for each company and fixing software bugs by being aware of the software running on each specific system can provide a better result. This study also demonstrates that firewalls, antivirus software, Windows Defender and other prevention techniques are not sufficient to prevent attacks. Instead, this study examines different aspects of penetration testing to determine vulnerable applications and hosts using the Nmap and Metasploit frameworks. For a test case, a virtualized system is used that includes different versions of Windows and Linux OS. |
URL | http://ieeexplore.ieee.org/document/8120330/ |
DOI | 10.1109/CW.2017.22 |
Citation Key | aslan_mitigating_2017 |
- software programs
- private data
- program debugging
- pubcrawl
- resilience
- Resiliency
- security
- security of data
- software bugs
- prevention techniques
- tools
- user bank accounts
- valuable assets
- virtualized system
- Vulnerabilities and Bugs
- vulnerability concepts
- vulnerable applications
- Windows operating system
- Kali Linux
- attack methodologies
- composability
- Computer bugs
- cyber security
- cyber security attacks
- cyber-attack
- defence strategies
- internet
- antivirus software
- Linux
- Metasploit Framework
- Metrics
- Nmap
- operating system level
- Penetration Test
- Penetration Testing