Affiliation:
1. Department of Computer Networks and Communications, CCSIT, King Faisal University, Al-Ahsa 31982, Saudi Arabia
Abstract
Given the widespread use of the internet at the individual, governmental, and nongovernmental levels, and the opportunities it offers, such as online shopping, security concerns may arise. Cyber criminals are responsible for stopping organizations’ access to internet, for stealing valuable and confidential data, and causing other damage. Therefore, the network must be protected and meet security requirements. Network penetration testing is a type of security assessment used to find risk areas and vulnerabilities that threaten the security of a network. Thus, network penetration testing is designed to provide prevention and detection controls against attacks in the network. A tester looks for security issues in the network operation, design, or implementation of the particular company or organization. Thus, it is important to identify the vulnerabilities and identify the threats that may exploit them in order to find ways to reduce their dangers.The ports at risk are named and discussed in this study. Furthermore, we discuss the most common tools used for network penetration testing. Moreover, we look at potential attacks and typical remediation strategies that can be used to protect the vulnerable ports by reviewing the related publications. In conclusion, it is recommended that researchers in this field focus on automated network penetration testing. In the future, we will use machine learning in WLAN penetration testing, which provides new insight and high efficiency in performance. Moreover, we will train machine learning models to detect a wide range of vulnerabilities in order to find solutions to mitigate the risks in a short amount of time rather that through manual WLAN penetration testing, which consumes a lot of time. This will lead to improving security and reducing loss prevention.
Subject
Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science
Reference44 articles.
1. Adamovic, S. (2019). Sinteza 2019-International Scientific Conference on Information Technology and Data Related Research, Singidunum University.
2. Tidy, J. (2023, May 17). Swedish Coop Supermarkets Shut Due to Us Ransomware Cyber-Attack. Available online: https://www.bbc.com/news/technology-57707530.
3. Shah, M., Ahmed, S., Saeed, K., Junaid, M., and Khan, H. (2019, January 30–31). Penetration testing active reconnaissance phase–optimized port scanning with nmap tool. Proceedings of the IEEE 2019 2nd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET), Sukkur, Pakistan.
4. Jayasuryapal, G., Meher Pranay, P., and Kaur, H. (2021, January 28–30). A Survey on Network Penetration Testing. Proceedings of the IEEE 2021 2nd International Conference on Intelligent Engineering and Management (ICIEM), London, UK.
5. (2023, May 06). Packetlabs. Black-Box vs. Grey-Box vs. White-Box Penetration Testing. Available online: https://www.packetlabs.net/posts/types-of-penetration-testing/.
Cited by
11 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献