A framework for automating environmental vulnerability analysis of network services

Abstract

The primary objective of this paper is to introduce a comprehensive framework designed to automate the assessment of environmental vulnerability status of communication protocols and networked services, within operational contexts. The proposed algorithm leverages the Common Vulnerability Scoring System version 3 (CVSS 3) metrics in conjunction with network security data. The initial step involves the establishment of a network security ontology, which serves to model the environmental attributes associated with the current security posture of communication protocol channels available within an infrastructure. The process commences with the identification and enumeration of all active communication services through a combination of diverse information gathering tools. Subsequently, active network services undergo assessment using a blend of passive scanning and active security analysis tools, which produce the environmental security score. This score can be integrated into vulnerability scoring systems such as CVSS, facilitating the fine-tuning of base CVSS scores, as well as vulnerability mitigation in real-world environments. To validate the proposed framework, we conducted testing across various networks and communication protocols within a controlled environment, thereby offering tangible illustrations for widely-utilized communication protocols.