Biblio
Filters: Keyword is vulnerability exploitation [Clear All Filters]
.
2018. Analysis of Attack and Attackers on VoIP Honeypot Environment. 2018 26th Signal Processing and Communications Applications Conference (SIU). :1-4.
This work explores attack and attacker profiles using a VoIP-based Honeypot. We implemented a low interaction honeypot environment to identify the behaviors of the attackers and the services most frequently used. We watched honeypot for 180 days and collected 242.812 events related to FTP, SIP, MSSQL, MySQL, SSH, SMB protocols. The results provide an in-depth analysis about both attacks and attackers profile, their tactics and purposes. It also allows understanding user interaction with a vulnerable honeypot environment.
.
2017. A Conditional Probability Computation Method for Vulnerability Exploitation Based on CVSS. 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC). :238–241.
Computing the probability of vulnerability exploitation in Bayesian attack graphs (BAGs) is a key process for the network security assessment. The conditional probability of vulnerability exploitation could be obtained from the exploitability of the NIST's Common Vulnerability Scoring System (CVSS). However, the method which N. Poolsappasit et al. proposed for computing conditional probability could be used only in the CVSS metric version v2.0, and can't be used in other two versions. In this paper, we present two methods for computing the conditional probability based on CVSS's other two metric versions, version 1.0 and version 3.0, respectively. Based on the CVSS, the conditional probability computation of vulnerability exploitation is complete by combining the method of N. Poolsappasit et al.