The Experts below are selected from a list of 39 Experts worldwide ranked by ideXlab platform
Jianhua Yang - One of the best experts on this subject based on the ideXlab platform.
-
AINA Workshops - Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool
2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2017Co-Authors: Yien Wang, Jianhua YangAbstract:Hands-on ethical hacking and network defense has become an essential component in teaching cybersecurity. However, without understanding vulnerabilities in a computer system, it would be difficult to conduct successful network defense in order to prevent intruders in the real world. Therefore, teaching ethical hacking and Vulnerability Scanning is a key element to the success of cybersecurity curriculum. In this paper, we review the state of the art of current open source Vulnerability Scanning Tools. A virtual lab environment is introduced as part of our lab design. We present our designed hands-on labs in detail using Vulnerability Scanning Tool OpenVAS. We review outcomes after conducting the hands-on labs in our cybersecurity courses and identify future work for open research areas.
-
Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool
2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2017Co-Authors: Yien Wang, Jianhua YangAbstract:Hands-on ethical hacking and network defense has become an essential component in teaching cybersecurity. However, without understanding vulnerabilities in a computer system, it would be difficult to conduct successful network defense in order to prevent intruders in the real world. Therefore, teaching ethical hacking and Vulnerability Scanning is a key element to the success of cybersecurity curriculum. In this paper, we review the state of the art of current open source Vulnerability Scanning Tools. A virtual lab environment is introduced as part of our lab design. We present our designed hands-on labs in detail using Vulnerability Scanning Tool OpenVAS. We review outcomes after conducting the hands-on labs in our cybersecurity courses and identify future work for open research areas.
Yien Wang - One of the best experts on this subject based on the ideXlab platform.
-
AINA Workshops - Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool
2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2017Co-Authors: Yien Wang, Jianhua YangAbstract:Hands-on ethical hacking and network defense has become an essential component in teaching cybersecurity. However, without understanding vulnerabilities in a computer system, it would be difficult to conduct successful network defense in order to prevent intruders in the real world. Therefore, teaching ethical hacking and Vulnerability Scanning is a key element to the success of cybersecurity curriculum. In this paper, we review the state of the art of current open source Vulnerability Scanning Tools. A virtual lab environment is introduced as part of our lab design. We present our designed hands-on labs in detail using Vulnerability Scanning Tool OpenVAS. We review outcomes after conducting the hands-on labs in our cybersecurity courses and identify future work for open research areas.
-
Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool
2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2017Co-Authors: Yien Wang, Jianhua YangAbstract:Hands-on ethical hacking and network defense has become an essential component in teaching cybersecurity. However, without understanding vulnerabilities in a computer system, it would be difficult to conduct successful network defense in order to prevent intruders in the real world. Therefore, teaching ethical hacking and Vulnerability Scanning is a key element to the success of cybersecurity curriculum. In this paper, we review the state of the art of current open source Vulnerability Scanning Tools. A virtual lab environment is introduced as part of our lab design. We present our designed hands-on labs in detail using Vulnerability Scanning Tool OpenVAS. We review outcomes after conducting the hands-on labs in our cybersecurity courses and identify future work for open research areas.
Jasem Alostad - One of the best experts on this subject based on the ideXlab platform.
-
sql injection Vulnerability Scanning Tool for automatic creation of sql injection attacks
Procedia Computer Science, 2011Co-Authors: Ala Yaseen Ibrahim Shakhatreh, Mohd Syazwan Abdullah, Jasem AlostadAbstract:Securing the web against frequent cyber attacks is a big concern as attackers usually intend to snitch private information, financial information, deface and damages websites to prove their hacking capabilities. This type of vandalism may drive many corporations that conduct their business through the web to suffer financial and reputation damages. One of the most dangerous cyber attacks is the Structured Query Language (SQL)-injection attack, whereby this type of attack can be launched through the web browsers. The Vulnerability of SQL-injection attack can be attributed to inappropriate programming practice by the website developers, which leaves a lot of doors widely open for the attackers to exploit these and gaining access to confidential information that resides in the website server databases. In order to address this Vulnerability, it must be feasible to detect the Vulnerability and enhance the coding structure of the website to avoid being an easy victim to this type of cyber attacks. Detecting the SQL-injection Vulnerability requires the development of a powerful Tool that can automatically create SQLinjection attacks using efficient features (different attacking patters) to detect the Vulnerability of the websites. This paper discuss the development of a new web Scanning (MySQLlInjector) Tool with enhanced features that will be able to conduct efficient penetration test on PHP (started as Personal Home Page but now widely used as Hypertext Preprocesses) based websites to detect SQL injection vulnerabilities. This Tool will automate the penetration test process, to make it easy even for those who are not aware familiar about hacking techniques.
-
WCIT - SQL-injection Vulnerability Scanning Tool for automatic creation of SQL-injection attacks
Procedia Computer Science, 2011Co-Authors: Ala Yaseen Ibrahim Shakhatreh, Mohd Syazwan Abdullah, Jasem AlostadAbstract:Securing the web against frequent cyber attacks is a big concern as attackers usually intend to snitch private information, financial information, deface and damages websites to prove their hacking capabilities. This type of vandalism may drive many corporations that conduct their business through the web to suffer financial and reputation damages. One of the most dangerous cyber attacks is the Structured Query Language (SQL)-injection attack, whereby this type of attack can be launched through the web browsers. The Vulnerability of SQL-injection attack can be attributed to inappropriate programming practice by the website developers, which leaves a lot of doors widely open for the attackers to exploit these and gaining access to confidential information that resides in the website server databases. In order to address this Vulnerability, it must be feasible to detect the Vulnerability and enhance the coding structure of the website to avoid being an easy victim to this type of cyber attacks. Detecting the SQL-injection Vulnerability requires the development of a powerful Tool that can automatically create SQLinjection attacks using efficient features (different attacking patters) to detect the Vulnerability of the websites. This paper discuss the development of a new web Scanning (MySQLlInjector) Tool with enhanced features that will be able to conduct efficient penetration test on PHP (started as Personal Home Page but now widely used as Hypertext Preprocesses) based websites to detect SQL injection vulnerabilities. This Tool will automate the penetration test process, to make it easy even for those who are not aware familiar about hacking techniques.
Ala Yaseen Ibrahim Shakhatreh - One of the best experts on this subject based on the ideXlab platform.
-
sql injection Vulnerability Scanning Tool for automatic creation of sql injection attacks
Procedia Computer Science, 2011Co-Authors: Ala Yaseen Ibrahim Shakhatreh, Mohd Syazwan Abdullah, Jasem AlostadAbstract:Securing the web against frequent cyber attacks is a big concern as attackers usually intend to snitch private information, financial information, deface and damages websites to prove their hacking capabilities. This type of vandalism may drive many corporations that conduct their business through the web to suffer financial and reputation damages. One of the most dangerous cyber attacks is the Structured Query Language (SQL)-injection attack, whereby this type of attack can be launched through the web browsers. The Vulnerability of SQL-injection attack can be attributed to inappropriate programming practice by the website developers, which leaves a lot of doors widely open for the attackers to exploit these and gaining access to confidential information that resides in the website server databases. In order to address this Vulnerability, it must be feasible to detect the Vulnerability and enhance the coding structure of the website to avoid being an easy victim to this type of cyber attacks. Detecting the SQL-injection Vulnerability requires the development of a powerful Tool that can automatically create SQLinjection attacks using efficient features (different attacking patters) to detect the Vulnerability of the websites. This paper discuss the development of a new web Scanning (MySQLlInjector) Tool with enhanced features that will be able to conduct efficient penetration test on PHP (started as Personal Home Page but now widely used as Hypertext Preprocesses) based websites to detect SQL injection vulnerabilities. This Tool will automate the penetration test process, to make it easy even for those who are not aware familiar about hacking techniques.
-
WCIT - SQL-injection Vulnerability Scanning Tool for automatic creation of SQL-injection attacks
Procedia Computer Science, 2011Co-Authors: Ala Yaseen Ibrahim Shakhatreh, Mohd Syazwan Abdullah, Jasem AlostadAbstract:Securing the web against frequent cyber attacks is a big concern as attackers usually intend to snitch private information, financial information, deface and damages websites to prove their hacking capabilities. This type of vandalism may drive many corporations that conduct their business through the web to suffer financial and reputation damages. One of the most dangerous cyber attacks is the Structured Query Language (SQL)-injection attack, whereby this type of attack can be launched through the web browsers. The Vulnerability of SQL-injection attack can be attributed to inappropriate programming practice by the website developers, which leaves a lot of doors widely open for the attackers to exploit these and gaining access to confidential information that resides in the website server databases. In order to address this Vulnerability, it must be feasible to detect the Vulnerability and enhance the coding structure of the website to avoid being an easy victim to this type of cyber attacks. Detecting the SQL-injection Vulnerability requires the development of a powerful Tool that can automatically create SQLinjection attacks using efficient features (different attacking patters) to detect the Vulnerability of the websites. This paper discuss the development of a new web Scanning (MySQLlInjector) Tool with enhanced features that will be able to conduct efficient penetration test on PHP (started as Personal Home Page but now widely used as Hypertext Preprocesses) based websites to detect SQL injection vulnerabilities. This Tool will automate the penetration test process, to make it easy even for those who are not aware familiar about hacking techniques.
Muhammad Rafiq Mufti - One of the best experts on this subject based on the ideXlab platform.
-
BWCCA - A Quantitative Measure of the Security Risk Level of Enterprise Networks
2013 Eighth International Conference on Broadband and Wireless Computing Communication and Applications, 2013Co-Authors: Rashid Munir, Jules Pagna Disso, Irfan Awan, Muhammad Rafiq MuftiAbstract:Along with the tremendous expansion of information technology and networking, the number of malicious attacks which cause disruption to business processes has concurrently increased. Despite such attacks, the aim for network administrators is to enable these systems to continue delivering the services they are intended for. Currently, many research efforts are directed towards securing network further whereas, little attention has been given to the quantification of network security which involves assessing the Vulnerability of these systems to attacks. In this paper, a method is devised to quantify the security level of IT networks. This is achieved by electronically Scanning the network using the Vulnerability Scanning Tool (Nexpose) to identify the Vulnerability level at each node classified according to the common Vulnerability scoring system standards (critical, severe and moderate). Probabilistic approach is then applied to calculate an overall security risk level of sub networks and entire network. It is hoped that these metrics will be valuable for any network administrator to acquire an absolute risk assessment value of the network. The suggested methodology has been applied to a computer network of an existing UK organization with 16 nodes and a switch.
