Designing Systemic Vulnerability Assessment Framework for Penetration Testing

Date

2022-03-02

Publisher

Addis Ababa University

Abstract

The main goal of this study is to develop a "systemic vulnerability assessment framework" that can improve the performance of penetration testing. This is done by defining a mechanism to quantify the "risk" associated with an identified "target node", taking the "operating environment" into consideration. The approach taken in this study follows the "Design Science Research" paradigm. The main problems identified are: the lack of a way to "numerically quantify the risk of vulnerabilities" during penetration testing, and the overwhelming amount of data produced during "vulnerability assessment" in penetration testing. To address these aspects, data gathered from open-source vulnerability databases were utilized. Then, with the aid of the provided CVSS scores and "analysis and literature review", a framework was proposed. Finally, a script was developed based on the framework and tested using scanned synthetic data. In the demonstration using synthetic data, it was found that the proposed abstraction model significantly reduces the number of paths that need to be assessed: the abstraction taken by the framework needs to analyze only 61,258 paths formed by 499 weaknesses, as compared to the several billion paths that can be formed using more than two weaknesses. Furthermore, the "related weaknesses" or "pattern" criteria found in CWE data can help testers prioritize paths when combined with the "chained score" and the "vulnerability connectivity operator". Additionally, the output of CVEs grouped by platform can help "penetration testers" choose their automated tools based on the generated list, unlike traditional penetration testing processes that rely on automated testing tools to identify weaknesses. Finally, the main limitation of this study is the framework's inability to capture unregistered vulnerabilities.
In addition, coming up with a more pragmatic approach that can reduce the "analyzing paths" that do not have to be considered could improve the framework.

Keywords

CVSS, CWE, CVE, Vulnerability, Vulnerability Assessment
