Defection of operating system vulnerabilities and network traffic analysis methods
DOI:
https://doi.org/10.26577/JMMCS2024121110Keywords:
network traffic, penetration, analysis, vulnerability, exploit, attack, Kali Linux, WindowsAbstract
Researchers and experts on information protection develop antivirus programs and applications to improve the security of operating systems and security policies. Threats will be relevant to organizations that do not consider security policies and regular software updates. This paper discusses applications for scanning and analyzing network traffic, such as Netdiscover, Wireshark, and Nmap. The model network is based on a virtual machine. This research aims to determine methods for scanning and analyzing network traffic and detecting network vulnerabilities. This study conducted a penetration test for Windows 7 using the Kali Linux operating system and identified the vulnerability of the operating system. The calculation of network traffic is performed with (1) the determination of the arithmetic means of network traffic, (2) the calculation of the variance, and (3) the determination of the magnitude of fluctuations relative to the average M, the range of maximum and minimum values of D, and the Hurst coefficient. The research results can be used in the field of information security systems.
References
Clarke N., Li F., Furnell S., "A novel privacy preserving user identification approach for network traffic", Computers & Security, 70 (2017): 335–350.
Gorodnichev M.G., et al, "Machine learning in the tasks of identifying unwanted content", In: Wave electronics and its application in information and telecommunication systems (WECONF), Saint-Petersburg (2019).
Gubareva O.Yu., Bourdine A.V., Evtushenko A.S., et al, Secure data transmission channel protected by special fiber optic link based on optical crypto-fibers. (2018). DOI:10.1117/12.2318579.
Jisa D., Ciza T., "Efficient DDoS flood attack detection using dynamic thresholding on flow-based network traffic", Computers & Security, 82 (2019): 284–295.
Kali Linux, Penetration Testing and Ethical Hacking Linux Distribution. [Electronic resource]. URL: https://www.kali.org/ (Date: 25.02.2024).
Kawasaki Y., Hara Y., Kuwahara M., "Traffic state estimation on a two-dimensional network by a state-space model", Transportation Research Part C: Emerging Technologies, 113 (2020): 176–192.
Klenilmar L., Dias M.A., Pongelupe W.M., "An innovative approach for real-time network traffic classification", Computer Networks, 158 (2019): 143–157.
KZ-CERT (2021) 170 IP addresses of potentially vulnerable Microsoft Exchange mail servers found in Kaznet. https://cert.gov.kz/news/11/1441.
Makarenko S.I., Smirnov G.E., "Analysis of penetration testing standards and methodologies", Systems of Control,
Communication and Security, 4 (2020): 44–72 (in Russian). DOI: 10.24411/2410-9916-2020-10402.
Markin Yu.V., "Methods and means of in-depth analysis of network traffic", Dissertation, V.P. Ivannikov Institute of System Programming of the Russian Academy of Sciences, (2017).
Pacheco F., Exposito E., Gineste M., "A framework to classify heterogeneous Internet traffic with machine learning and deep learning techniques for satellite communications", Computer Networks, 173 (2020): 107213.
Paramonov A.I., "Development and research of a complex of traffic models for public communication networks", Dissertation, St. Petersburg State University of Telecommunications named after Professor M. A. Bonch-Bruevichm, (2014).
Ring M., Schl¨or D., Landes D., et al, "Flow-based network traffic generation using. Generative Adversarial Networks", Computers & Security, 82 (2019): 156–172
Upadhyay D., Sampalli S., "SCADA (Supervisory Control and Data Acquisition) systems: Vulnerability assessment and security recommendations", Computers & Security, 89 (2020): 101666.
Vanyushina A.V., "Classification of IP traffic in a computer network using machine learning algorithms", Dissertation, Moscow Technical University of Communications and Informatics, (2019).
Yasasin E., Prester J., Wagner G., et al, "Forecasting IT security vulnerabilities– An empirical analysis", Computers & Security, 88 (2020): 101610.