A link-layer-based self-replicating vulnerability discovery agent

Stephen D. Wolthusen, Ziyad Al-Salloum

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

With malicious attacks increasing in speed and propagation intelligence, especially under steadily shrinking time-windows between the announcement of a vulnerability and its exploitation, the need of innovative vulnerability detection techniques increase. Complex and large scale networks, that encounter frequent network devices association and disassociation, make asset management a difficult task. In this paper we propose an effective method to probe for vulnerabilities within an enterprise network, by plotting agents during its gradual propagation. The method utilizes Layer two topology information collected from network switches to achieve minimum bandwidth usage and maximize network coverage.
Original languageEnglish
Title of host publication2010 IEEE Symposium on Computers and Communications (ISCC)
PublisherIEEE Computer Society Press
Pages704-707
ISBN (Print)978-1-4244-7754-8
DOIs
Publication statusPublished - 22 Jun 2010

Cite this