Multi-Layer Attack Graph Analysis in the 5G Edge Network Using a Dynamic Hexagonal Fuzzy Method

Overall, 5G networks are expected to become the backbone of many critical IT applications. With 5G, new tech advancements and innovation are expected; 5G currently operates on software-defined networking. This enables 5G to implement network slicing to meet the unique requirements of every application. As a result, 5G is more flexible and scalable than 4G LTE and previous generations. To avoid the growing risks of hacking, 5G cybersecurity needs some significant improvements. Some security concerns involve the network itself, while others focus on the devices connected to 5G. Both aspects present a risk to consumers, governments, and businesses alike. There is currently no real-time vulnerability assessment framework that specifically addresses 5G Edge networks, with regard to their real-time scalability and dynamic nature. This paper studies the vulnerability assessment in the 5G networks and develops an optimized dynamic method that integrates the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) with the hexagonal fuzzy numbers to accurately analyze the vulnerabilities in 5G networks. The proposed method considers both the vulnerability and 5G network dynamic factors such as latency and accessibility to find the potential attack graph paths where the attack might propagate in the network and quantifies the attack cost and security level of the network. We test and validate the proposed method using our 5G testbed and we compare the optimized method to the classical TOPSIS and the known vulnerability scanner tool, Nessus.

ANALISA KERENTANAN PADA VULNERABLE DOCKER MENGGUNAKAN SCANNER OPENVAS DAN DOCKER SCAN DENGAN ACUAN STANDAR NIST 800-115

Docker merupakan sebuah aplikasi yang berbasis opensource yang memungkinkan untukmembangun, mendistribusikan dan menjalankan aplikasi dimanapun bagi Developer selain itudocker juga digunakan sebagai standar tools berbasis container. Upaya dalam mengukur sebuahkerentanan pada aplikasi dapat dilakukan dengan cara pemindaian, upaya ini berguna untukmenemukan suatu risiko kerentanan sehingga bisa mendapatkan stategi yang tepat untukmengecilkan atau menghilangan risiko tersebut. Dalam tugas akhir ini, dilakukan analisisakerentanan pada docker menggunakan vulnerability scanner open source dengan acuan standarNIST 800-115. Penelitian ini menggunakan OpenVAS sebagai Vulnerability Scanner yangmemiliki database kerentanan yang cukup lengkap serta hasil scanning yang mudah untukdipahami. Dalam analisa ini,dapat di deteksi dan di analisa macam-macam serangan yang bisadi lakukan oleh attackter dalam melakukan penyerangan. Didapatkan 98,6 dari hasil profilAnalisa risiko serta menunjukkan bahwa WordPress User IDs and User Names Disclosurememiliki resiko tersbesar atas serangan cyber.

ICT security in tax administration - Rapid7 Nexpose vulnerability analysis

The article focuses on the subject of IT security in tax administration. This study presents the research on the security level of endpoints, servers, printing devices, network switches and other ICT devices using the Rapid Nexpose vulnerability scanner. We discuss the specifics of security research in public administration resulting from the laws in force in these institutions.

Vulnerability Scanning Technology on Web Applications

Modern society is far more dependent on web applications than the previous generations. Even though our dependence is increasing rapidly, the security level is far lower than required. To guarantee the security of the data system in the industry and our daily life, it is especially crucial to find out web application security vulnerabilities quickly and accurately. A vulnerability is a state of being unprotected from the prospect of an attack. It permits an attacker to gain a certain level of command of the site, and possibly the hosting server. One such vulnerability is the cross-site scripting vulnerability. In this exposition, a generic vulnerability scanner is proposed which can be customized to find any number of vulnerabilities. The scanner maps out the website and gives a report of all the vulnerabilities. For the purpose of evaluation, it has been customized to find XSS vulnerability in web applications.

AUTOMATED VULNERABILITY SEARCH IN A WEB APPLICATION BASED ON REINFORCEMENT LEARNING

We analyzed the urgency of the task of creating a more efficient (compared to analogues) means of automated vulnerability search based on modern technologies. We have shown the similarity of the vulnerabilities identifying process with the Markov decision-making process and justified the feasibility of using reinforcement learning technology for solving this problem. Since the analysis of the web application security is currently the highest priority and in demand, within the framework of this work, the application of the mathematical apparatus of reinforcement learning with to this subject area is considered. The mathematical model is presented, the specifics of the training and testing processes for the problem of automated vulnerability search in web applications are described. Based on an analysis of the OWASP Testing Guide, an action space and a set of environment states are identified. The characteristics of the software implementation of the proposed model are described: Q-learning is implemented in the Python programming language; a neural network was created to implement the learning policy using the tensorflow library. We demonstrated the results of the Reinforcement Learning agent on a real web application, as well as their comparison with the report of the Acunetix Vulnerability Scanner. The findings indicate that the proposed solution is promising.

Design of web vulnerability scanner based on go language

The vulnerability scanner designed in this paper completed the collection of information and scanning of vulnerability, including six parts: input assets, asset collection, vulnerability profile, plug-in upload, single case detection and report display. The framework of vue realized the front end that included six pages, and the framework of gin realized the back end. The interface completed the separation of the front and back end. The database using MySQL designed seven tables. This scanner can avoid tedious and repetitive work, it can realize automatic scanning and testing of network vulnerabilities.