Agent-based host enumeration and vulnerability scanning using dynamic topology information

Ziyad Al-Salloum, Stephen D. Wolthusen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Edge networks in enterprise networks are increasingly complex and dynamic, raising questions about the ability to maintain a current overview of computing assets on the network and their potential vulnerability. However, to respond to ongoing or impending attacks that may propagate at high speed, it has become crucial to ensure proper and efficient reachability of all network nodes that might be at risk so as to be able to assess and, where possible, mitigate the threat. In this paper we therefore propose an agent-based semi-autonomous scanning mechanism which utilizes topology information to traverse networks with minimum bandwidth usage and maximum network coverage, and hence avoiding potential service degradation in large-scale structured networks. Topology information is also used to constrain propagation to a well defined network, while intermittently active hosts and topology changes are detected by using resident reactive agents plotted throughout the mechanism gradual propagation.
Original languageEnglish
Title of host publicationInformation Security for South Africa 2010 (ISSA)
PublisherIEEE Computer Society Press
Number of pages8
ISBN (Print)978-1-4244-5493-8
DOIs
Publication statusPublished - Aug 2010

Cite this