Skip to main content
SpringerLink
Log in

AutoRat: Automated Risk Assessment Tool for Network Mapper Scanning

  • Conference paper
  • First Online:
Proceedings of the 18th International Conference on Computing and Information Technology (IC2IT 2022) (IC2IT 2022)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 453))

Included in the following conference series:

Abstract

Network vulnerability discovery can generally be done using vulnerability scanning tools that are able to identify possible threats or flaws of network services, ports, devices, protocols, operating systems, and software connected to a network. Most existing tools give a list of vulnerabilities on network-related services and they are used in another stage of the analysis such as risk assessment, penetration test, and re-programming. However, the automatic compilation of the detected vulnerabilities into the risk assessment is crucial for timely risk mitigation and optimized penetration test process. This paper proposes a design and implementation of a risk assessment tool called Auto-RAT which delivers an automatic risk assessment from Nmap, a network enumeration tool supporting the penetration test process. To enable the usability and immediate risk analysis of the Nmap, Auto-RAT is designed to realize the process of Nmap and its result for the automatic compilation into the risk assessment engine. We propose a set of algorithms to convert Nmap scan results into risk assessment model where the risk scoring is calculated using the Common Vulnerability Scoring System (CVSS). Finally, the system generates final risk assessment score and possible risk mitigation strategies for the system evaluation. We run the simulation by comparing the overlapped results between our AutoRAT and Nessus scan result to demonstrate that AutoRAT can effectively reduce the set of vulnerabilities that will be executed in the penetration test process.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Yuen, J., Turnbull, B., Hernandez, J.: Visual analytics for cyber red teaming. In: IEEE, Symposium on Visualization for Cyber Security (VizSec 2015), pp. 1–8 (2015). https://doi.org/10.1109/VIZSEC.2015.7312765

  2. Zheng, S., et al.: PTVis: visual narrative and auxiliary decision to assist in comprehending the penetration testing process. IEEE Access 8, 194523–194540 (2020). https://doi.org/10.1109/ACCESS.2020.3033391

  3. Nmap official website. https://nmap.org/. Accessed 9 Feb 2022

  4. VulDB Search. https://vuldb.com/?search. Accessed 9 Feb 2022

  5. Liao, S., et al.: A Comprehensive detection approach of Nmap: principles, rules and experiments. In: Proceeding of the 2020 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC 2020), Chongqing, China, 29–30 October 2020, pp. 64–71 (2020). https://doi.org/10.1109/CyberC49757.2020.00020

  6. Chalvatzis, I., Karras, D.A., Papademetriou, R.C.: Evaluation of security vulnerability scanners for small and medium enterprises business networks resilience towards risk assessment. In: Proceeding of IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA 2019), Dalian, China, 29–31 March 2019, pp. 52–58 (2019) https://doi.org/10.1109/ICAICA.2019.8873438

  7. Shah, M., Ahmed, S., Saeed, K., Junaid, M., Khan, H., Ata-ur-rehman.: penetration testing active reconnaissance phase – optimized port scanning with Nmap tool. In: Proceeding of 2nd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET 2019), Sukkur, Pakistan, 30–31 January 2019, pp. 1–6. (2019). https://doi.org/10.1109/ICOMET.2019.8673520

  8. Zhang, Z., Towey, D., Ying, Z., Zhang, Y., Zhou, Z.Q.: MT4NS: metamorphic testing for network scanning. In: Proceeding of IEEE/ACM Sixth International Workshop on Metamorphic Testing (MET 2021), Madrid, Spain, 2 June 2021, pp. 17–23 (2021). https://doi.org/10.1109/MET52542.2021.00010

  9. Rohrmann, R.R., Ercolani, V.J., Patton, M.W.: Large scale port scanning through tor using parallel Nmap scans to scan large portions of the IPv4 range. In: IEEE International Conference on Intelligence and Security Informatics (ISI 2017), Beijing, China, 22–24 July 2017, pp. 185–187 (2017). https://doi.org/10.1109/ISI.2017.8004906

  10. Liu, S.-C., Liu, Y.: Network security risk assessment method based on HMM and attack graph model. In: Proceeding of 17th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed (SNPD 2016), pp. 517–522. Shanghai, China, 30–1 May/Jun 2016, https://doi.org/10.1109/SNPD

  11. Zhu, X.: Computer network vulnerability assessment and safety evaluation application based on Bayesian theory. Int. J. Secur. Appl. 10(12), 359–368 (2016). https://doi.org/10.14257/ijsia.2016.10.12.29

  12. Wang, H., Chen, Z., Zhao, J., Di, X., Liu, D.: A vulnerability assessment method in industrial Internet of Things based on attack graph and maximum flow. IEEE Access 6, 8599–8609 (2018). https://doi.org/10.1109/ACCESS.2018.2805690

    Article  Google Scholar 

  13. George, G., Thampi, S.M.: A graph-based security framework for securing industrial IoT networks from vulnerability exploitation. IEEE Access 6, 43586–43601 (2018) https://doi.org/10.1109/ACCESS.2018.2863244

  14. He, W., Li, H., Li, J.: Unknown vulnerability risk assessment based on directed graph models: a survey. IEEE Access 7 168201–168225 (2019). https://doi.org/10.1109/ACCESS2019.2954092

  15. Wang, W., et al.: A vulnerability risk assessment method based on heterogeneous information network. IEEE Access 8, 148315–148330 (2020)

    Article  Google Scholar 

  16. Asvija, B., Eswari, R., Bijoy, M.B.: Bayesian attack graphs for platform virtualized infrastructures in clouds. J. Inf. Secur. Appl. 51, 102455 (2020). https://doi.org/10.1016/j.jisa.2020.102455

  17. Lallie, H.S., Debattista, K., Bal, J.: A review of attack graph and attack tree visual syntax in cyber security. Comput. Sci. Rev. 35, 100219 (2020). https://doi.org/10.1016/j.cosrev.2019.100219

  18. Vulnerability database. https://www.vuldb.com. Accessed 9 Feb 2022

  19. CVSS v3.1 Specification. https://www.first.org/cvss/specification-document. Accessed 9 Feb 2022

  20. CVSS PyPi. https://pypi.org/project/cvss/. Accessed 9 Feb 2022

  21. CWE – Common Weakness Enumeration. https://cwe.mitre.org/. Accessed 9 Feb 2022

  22. Download Metasploitable Intentionally Vulnerable Machine. https://information.rapid7.com/download-metasploitable-2017.html. Accessed 9 Feb 2022

  23. Nessus Essential Vulnerability Scanner. https://www.tenable.com/products/nessus/nessus-essentials. Accessed 9 Feb 2022

Download references

Author information

Authors and Affiliations

  1. School of Information, Computer, and Communication Technology, Sirindhorn International Institute of Technology, Thammasat University, Pathum Thani, 12120, Thailand

    Atit Sethapanee, Tanakorn Nimitrchai & Somchart Fugkeaw

Authors
  1. Atit Sethapanee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tanakorn Nimitrchai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Somchart Fugkeaw
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Somchart Fugkeaw .

Editor information

Editors and Affiliations

  1. Faculty of IT and Digital Innovation, King Mongkut's University of Technology North Bangkok, Bangkok, Thailand

    Phayung Meesad

  2. Faculty of IT and Digital Innovation, King Mongkut's University of Technology North Bangkok, Bangkok, Thailand

    Sunantha Sodsee

  3. Faculty of IT and Digital Innovation, King Mongkut's University of Technology North Bangkok, Bangkok, Thailand

    Watchareewan Jitsakul

  4. Faculty of IT and Digital Innovation, King Mongkut's University of Technology North Bangkok, Bangkok, Thailand

    Sakchai Tangwannawit

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Sethapanee, A., Nimitrchai, T., Fugkeaw, S. (2022). AutoRat: Automated Risk Assessment Tool for Network Mapper Scanning. In: Meesad, P., Sodsee, S., Jitsakul, W., Tangwannawit, S. (eds) Proceedings of the 18th International Conference on Computing and Information Technology (IC2IT 2022). IC2IT 2022. Lecture Notes in Networks and Systems, vol 453. Springer, Cham. https://doi.org/10.1007/978-3-030-99948-3_10

Download citation

Publish with us

Policies and ethics

Search

Navigation