Render 2016
Portfolio
  • Slider Image
    Poh Emran Bin Elias
  • Slider Image
    Tan Yong Jian Samuel
  • Slider Image
    Jared Quek Jie Ren
  • Slider Image
    Lim Hwee Chye

Lokton

Categories

Course & option
Diploma in Infocomm Security Management

Project Title
Lokton : An automated security evaluation of a network of machines

Team Members
Poh Emran Bin Elias, Jared Quek Jie Ren, Lim Hwee Chye, Tan Yong Jian Samuel

Internal Supervisor
Eileen Yeo (Eileen_Yeo@sp.edu.sg)

Supervisor
Dinil Mon Divakaran

Technology Used
ESXi Server 6.0, Nexpose, Nessus, MBSA, VMWare vCenter Converter

Background:
Network vulnerability scans are executed periodically to ensure that the network is free of any known vulnerabilities. These scans are conducted using network vulnerability tools to scan the physical network of systems. More often than not, these scans are intrusive and can cause the system to malfunction. Examples include but are not limited to: modification of data and service disruption.

Vulnerability assessments conducted by IT professionals are relatively expensive. Small companies that wish to secure their network may not have the financial capabilities nor the IT security expertise to execute such scans. In the event that they do proceed with the scans, they run a higher risk of a service disruption or complete system failure.

Description
The Lokton project requires the creation of a tool for an automated security evaluation of a network of machines. It consists of 2 phases; Emulation and Evaluation.

Emulation seeks to copy the volumes of the source computer/machine to be converted into a virtual machine. All system configurations and applications currently installed in the source computer would be included inside its virtual machine counterpart. It would emulate the network of virtual machines in a separate environment in an attempt to recreate the original conditions

Evaluation of the network of virtual machines aims to provide the user with a comprehensive report on the security status and vulnerabilities that exists within the network through the use of third party vulnerability analysis tools.

With the seamless integration of the 2 phases, the tool would produce an evaluation of a network of emulated machines in an automated fashion.

Potential Opportunities
Lokton has the potential with further development to include more improvement in the near future. Application of a more diverse choice of vulnerability analysers and a unified report is simply just a start.

 

 

Client

Confidential

Date

Undated