Title :
An Easy-to-Deploy Penetration Testing Platform
Author :
Duan, Bing ; Zhang, Yinqian ; Gu, Dawu
Author_Institution :
Dept. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai
Abstract :
Penetration testing is an important branch of network security evaluation, which aims at providing all-round investigation to find the vulnerabilities and security threats in systems and networks. Former penetration testing platforms lack the adaptability when applied to different types of systems or networks, and the manual tests which are prevailed in those platforms are usually long and complex processes. In this paper we focus on the improvement of penetration testing platforms and strategies, and we propose a novel penetration testing platform based on a recently launched LiveDVD system-SolarSword. We also discuss the design and implementation details of this new platform, and use a real penetration test case study to demonstrate its advantages over former platforms. The platform provides an automatic, easy-to-deploy methodology for penetration testing process, and overcomes the obvious drawbacks of former penetration testing platforms.
Keywords :
operating systems (computers); security of data; LiveDVD system; Opensolaris operating system; SolarSword system; easy-to-deploy penetration testing platform; network security evaluation; security threat; Art; Automatic testing; Computer networks; Computer security; Distributed control; Information security; Operating systems; Performance evaluation; System testing; Tree data structures; Penetration testing; Security evaluation; SolarSword; security testing Platform;
Conference_Titel :
Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for
Conference_Location :
Hunan
Print_ISBN :
978-0-7695-3398-8
Electronic_ISBN :
978-0-7695-3398-8
DOI :
10.1109/ICYCS.2008.335
