Course & option
Diploma in Infocomm Security Management
Lokton : An automated security evaluation of a network of machines
Poh Emran Bin Elias, Jared Quek Jie Ren, Lim Hwee Chye, Tan Yong Jian Samuel
Eileen Yeo (Eileen_Yeo@sp.edu.sg)
Dinil Mon Divakaran
ESXi Server 6.0, Nexpose, Nessus, MBSA, VMWare vCenter Converter
Network vulnerability scans are executed periodically to ensure that the network is free of any known vulnerabilities. These scans are conducted using network vulnerability tools to scan the physical network of systems. More often than not, these scans are intrusive and can cause the system to malfunction. Examples include but are not limited to: modification of data and service disruption.
Vulnerability assessments conducted by IT professionals are relatively expensive. Small companies that wish to secure their network may not have the financial capabilities nor the IT security expertise to execute such scans. In the event that they do proceed with the scans, they run a higher risk of a service disruption or complete system failure.
The Lokton project requires the creation of a tool for an automated security evaluation of a network of machines. It consists of 2 phases; Emulation and Evaluation.
Emulation seeks to copy the volumes of the source computer/machine to be converted into a virtual machine. All system configurations and applications currently installed in the source computer would be included inside its virtual machine counterpart. It would emulate the network of virtual machines in a separate environment in an attempt to recreate the original conditions
Evaluation of the network of virtual machines aims to provide the user with a comprehensive report on the security status and vulnerabilities that exists within the network through the use of third party vulnerability analysis tools.
With the seamless integration of the 2 phases, the tool would produce an evaluation of a network of emulated machines in an automated fashion.
Lokton has the potential with further development to include more improvement in the near future. Application of a more diverse choice of vulnerability analysers and a unified report is simply just a start.