Abstract
The extraordinary advancement of technology has increased the importance of achieving the required level of information security, which remains difficult. Recently, network and web application attacks have become more common, and attackers exploit system vulnerabilities to steal confidential data, which violates the CIA triad. In this work, aiming to address real-world concerns, we present an enhanced schema for the first feature of the security engine we proposed in the previous paper. It is an automated, parallelized security scanner for the active information-gathering phase. It runs real-time and scheduled system scans in parallel and is based on a RESTful API, which allows easy integration in real-life cases. Through integration with the RabbitMQ message broker, which originally implemented the Advanced Message Queuing Protocol (AMQP), the user can create instant customized scans and check the related results. These features depend on Celery workers, which use an asynchronous task queue built on distributed message passing to perform multiprocessing and concurrent execution of tasks. The system can be used by penetration testers, IT departments, and system administrators to monitor their systems, maintain a high level of security, and receive instant alarms on critical threats. Automated IP and port scanning, service-version enumeration, and security vulnerability detection form the core of the proposed scheme. The accuracy and efficiency of this technique have been demonstrated through a variety of test cases based on real-world events. The average time to scan a server and detect its vulnerabilities improved by 22.73%, from 2.2 minutes to 1.7 minutes. Similarly, the improvement ratios for run time, elapsed time, and vulnerability detection are 20.40, 90.80, and 7.70%, respectively.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Malkawi, M., Alhajj, R. (2023). Parallelized Cyber Reconnaissance Automation: A Real-Time and Scheduled Security Scanner. In: Özyer, S.T., Kaya, B. (eds) Cyber Security and Social Media Applications. Lecture Notes in Social Networks. Springer, Cham. https://doi.org/10.1007/978-3-031-33065-0_2
DOI: https://doi.org/10.1007/978-3-031-33065-0_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-33064-3
Online ISBN: 978-3-031-33065-0
eBook Packages: Literature, Cultural and Media Studies (R0)