DocumentCode
1846815
Title
An Easy-to-Deploy Penetration Testing Platform
Author
Duan, Bing ; Zhang, Yinqian ; Gu, Dawu
Author_Institution
Dept. of Inf. Security Eng., Shanghai Jiao Tong Univ., Shanghai
fYear
2008
fDate
18-21 Nov. 2008
Firstpage
2314
Lastpage
2318
Abstract
Penetration testing is an important branch of network security evaluation, which aims at providing all-round investigation to find the vulnerabilities and security threats in systems and networks. Former penetration testing platforms lack the adaptability when applied to different types of systems or networks, and the manual tests which are prevailed in those platforms are usually long and complex processes. In this paper we focus on the improvement of penetration testing platforms and strategies, and we propose a novel penetration testing platform based on a recently launched LiveDVD system-SolarSword. We also discuss the design and implementation details of this new platform, and use a real penetration test case study to demonstrate its advantages over former platforms. The platform provides an automatic, easy-to-deploy methodology for penetration testing process, and overcomes the obvious drawbacks of former penetration testing platforms.
Keywords
operating systems (computers); security of data; LiveDVD system; Opensolaris operating system; SolarSword system; easy-to-deploy penetration testing platform; network security evaluation; security threat; Art; Automatic testing; Computer networks; Computer security; Distributed control; Information security; Operating systems; Performance evaluation; System testing; Tree data structures; Penetration testing; Security evaluation; SolarSword; security testing Platform;
fLanguage
English
Publisher
ieee
Conference_Titel
Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for
Conference_Location
Hunan
Print_ISBN
978-0-7695-3398-8
Electronic_ISBN
978-0-7695-3398-8
Type
conf
DOI
10.1109/ICYCS.2008.335
Filename
4709333
Link To Document