Dream Science

DS Journal of Cyber Security (DS-CYS)

Research Article | Open Access | Download Full Text

Volume 2 | Issue 4 | Year 2024 | Article Id: CYS-V2I4P101 DOI: https://doi.org/10.59232/CYS-V2I4P101

Agentless Vulnerability Detection for Windows System and Network

R. Karthiban, S. Christ Michael Jeniston, S. Divya Sree, N.U. Haripriya, M. Harish, J. Lalith Kumar, S. Manikandan

ReceivedRevisedAcceptedPublished
06 Oct 202411 Nov 202430 Nov 202424 Dec 2024

Citation

R. Karthiban, S. Christ Michael Jeniston, S. Divya Sree, N.U. Haripriya, M. Harish, J. Lalith Kumar, S. Manikandan. “Agentless Vulnerability Detection for Windows System and Network.” DS Journal of Cyber Security, vol. 2, no. 4, pp. 2-4, 2024.

Abstract

The current outcomes generated by various network scanning and vulnerability assessment tools exhibit considerable divergence. These discrepancies result in inconsistent data formats and varying levels of detail, complicating the integration of results from different instruments. Furthermore, network and system scanners often operate as standalone tools, exacerbating the challenges associated with the evaluation process. This paper introduces a cohesive strategy that bridges the divide between network and system scanning, providing a unified report on the overall security posture of the network and system within the targeted machine. By harmonizing data from multiple scanning mechanisms, this approach facilitates a thorough and streamlined evaluation, offering a clearer perspective on potential vulnerabilities. Operating without agents, this solution reduces the impact on the target system, mitigating performance issues and security threats linked to agent-based approaches.

Keywords

Audit policies, Defender settings, Firewall rules, Installed hotfixes, Scheduled tasks.

References

[1] Bing Zhang et al., “Efficiency and Effectiveness of Web Application Vulnerability Detection Approaches: A Review,” ACM Computing Surveys, vol. 54, no. 9, pp. 1-35, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[2] Ömer Aslan et al., “A Comprehensive Review of Cyber Security Vulnerabilities, Threats, Attacks, and Solutions,” Electronics, vol. 12, no. 6, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[3] Asem Ghaleb, “Agentless Endpoint Security Monitoring Framework,” Electronic Theses and Dissertations (ETD), University of Victoria, 2019.

[Google Scholar] [Publisher Link]

[4] João Pedro Seara, and Carlos Serrão, “Automation of System Security Vulnerabilities Detection Using Open-Source Software,” Electronics, vol. 13, no. 5, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[5] Santiago Figueroa-Lorenzo, Javier Añorga, and Saioa Arrizabalaga, “A Survey of IIoT Protocols: A Measure of Vulnerability Risk Analysis Based on CVSS,” ACM Computing Surveys, vol. 53, no. 2, pp. 1-53, 2020.

[CrossRef] [Google Scholar] [Publisher Link]

[6] Kismat Chhillar, and Saurabh Shrivastava, “Vulnerability Assessment of University Computer Network Using Scanning Tool Nexpose,” Recent Trends in Communication and Intelligent Systems, pp. 207-214, 2022.

[CrossRef] [Google Scholar] [Publisher Link]

[7] Francisco R.P. da Ponte, Emanuel B. Rodrigues, and César L.C. Mattos, “CVEjoin: An Information Security Vulnerability and Threat Intelligence Dataset,” Advanced Information Networking and Applications, pp. 380-392, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[8] Sagar Rahalkar, Quick Start Guide to Penetration Testing with NMAP, OpenVAS and Metasploit, 1st ed., Apress, Berkeley, 2019.

[CrossRef] [Google Scholar] [Publisher Link]

[9] Pooja D. Pandit, “Nessus: Study of a Tool to Assess Network Vulnerabilities,” 2021.

[Google Scholar]

[10] U. Kumaran et al., “Web Vulnerability Scanner,” Advances in Information Communication Technology and Computing, pp. 193-207, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[11] Rabaya Sultana Mim, Toukir Ahammed, and Kazi Sakib, “Automated Software Vulnerability Detection in Statement Level Using Vulnerability Reports,” Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering, pp. 454-455, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[12] Xigao Li et al., “Scan Me If You Can: Understanding and Detecting Unwanted Vulnerability Scanning,” Proceedings of the ACM Web Conference, pp. 2284-2294, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[13] Michał Walkowski, Jacek Oko, and Sławomir Sujecki, “Vulnerability Management Models Using a Common Vulnerability Scoring System,” Applied Sciences, vol. 11, no. 18, 2021.

[CrossRef] [Google Scholar] [Publisher Link]

[14] Dipali N. Railkar, and Shubhalaxmi Joshi, “A Study on Vulnerability Scanning Tools for Network Security,” International Journal of Scientific Research in Computer Science Engineering and Information Technology, vol. 8, no. 6, pp. 340-350, 2022.

[Google Scholar] [Publisher Link]

[15] A. Sowmyashree, and H.S. Guruprasad, “Evaluation and Analysis of Vulnerability Scanners: Nessus and OpenVAS,” International Research Journal of Engineering and Technology, vol. 7, no. 5, pp. 2068-2073, 2020.

[Google Scholar] [Publisher Link]


Agentless Vulnerability Detection for Windows System and Network