Abstract

The increasing number of attacks leads to a growing research and development interest in cybersecurity systems. As a response to the increasingly distributed nature of attacks, many organizations have demonstrated willingness to exchange information concerning threats, incidents, and mitigation strategies with security detection tools and techniques. Various security detection techniques such as signature recognition, anomaly detection, etc fail to completely detect complicated attacks. The current situation can be dealt with as a significant tool that helps auditors and administrators to manage and identify distributed threats. In this paper, a novel social spider communicating behavior-based swarm intelligent open-source Orchestrated Continuous Vulnerability Assessment (OCVA) scanning tool is proposed. The proposed OCVA tool addresses the requirement of orchestration of continuous vulnerability assessment of all automated cybersecurity detection processes. It scans, monitors, visualizes, analyzes, mitigates, and remediates the vulnerabilities of the network, assets, and web applications. It helps the developers and security auditors overcome challenges by providing the desired visualizations and analytics of the vulnerable assets. Two case studies are conducted on the basis of the algorithmic comparative analysis with BRICK, Fuzzing, ACO, PSO and GA based vulnerability scanners along with the tool based comparative evaluation with W3af, ZAP, Wapiti, and Arachni in terms of vulnerability detection rate, accuracy, false positive rate, true positive rate and consistency. The results indicate that the proposed OCVA tool outperforms in terms of accuracy, vulnerability remediation rate, and consistency in both.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.