|Article title||ON THE PROBLEM OF ACTIVE AUDIT IN COMPUTER NETWORKS|
|Authors||R.V. Semin, V.A. Novosiadlyi|
|Section||SECTION II. NETWORK SECURITY|
|Month, Year||05, 2015 @en|
|Abstract||Nowadays, computer security in computer networks is of great importance. Password leaks show that even if one construct a good security network there is always a possibility of security penetration due to weak passwords or password policy. Active security audit and its main tool – penetration testing – are capable of detecting weak points in password security. The process of active audit faces a number of issues that can affect audit results by causing false failures. One of the main issues is the usage of proxy servers. The goals of the article is to study the process of active password audit and to create a mathematical model that takes into account the probability of false failures and minimizes them. The mathematical model defines the probability of “failed” and “success” attempts of penetration tests using a random variable that shows the probability of parallel successful connections via proxy server. We assume it to have Gaussian distribution and find its EV and standard deviation on an experimental basis. Using the constructed model, we can find the maximum amount of successful connections per second at the exact time of day in order to maximize the speed of penetrations tests while having minimum amount of false failures.|
|Keywords||Active audit; penetration testing; mathematical model; proxy server connection; remote audit.|
|References||1. Trustwave 2013 Global Security Report. Available at: http://www2.trustwave.com/rs/ trustwave/images/2013-Global-Security-Report.pdf.
2. Coburn T. The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure. Available at: http://www.hsgac.senate.gov/download/?id=8BC15BCD-4B90-4691-BDBA-C1F0584CA66A.
3. BBC News – LinkedIn passwords leaked by hackers. Available at: http://www.bbc.com/news/ technology-18338956.
4. BBC News – Valve's online game service Steam hit by hackers. Available at: http://www.bbc.co.uk/news/technology-15690187.
5. Fildes J. BBC News – Technology – Scam hits more e-mail accounts. Available at: http://news.bbc.co.uk/2/hi/technology/8292299.stm.
6. Rogers R., Ed Fuller E., Greg Miles G. Network Security Evaluation. Using the NSA IEM. Syngress, 2005.
7. Watcher: Web security testing tool and passive vulnerability scanner. Available at: http://websecuritytool.codeplex.com.
8. Open-AudIT – The network inventory, audit, documentation and management tool. Available at: http://www.open-audit.org.
9. Network Security Audit Software for Firewalls, Switches and Routers. Available at: https://www.titania.com/nipperstudio.
10. Monitor Network Traffic Using The Passive Vulnerability Scanner. Available at: http://www.tenable.com/products/passive-vulnerability-scanner.
11. Scarfone K., Souppaya M., Cody A., Orebaugh A. Technical Guide to Information Security Testing and Assessment Recommendations of the National Institute of Standards and Technology. NIST Special Publication 800‑115, 2008, 80 p.
12. Sayana S.A. Approach-to-Auditing-Network-Security. Information Systems Audit and Control Association, 2003.
13. Krutz R.L., Vines R.D. Penetration Testing. The CISSP® and CAPCM Prep Guide: Platinum Edition. John Wiley & Sons, 2006.