IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0043654
(2002-01-10)
|
등록번호 |
US-7325252
(2008-01-29)
|
발명자
/ 주소 |
- Bunker, V,Nelson Waldo
- Laizerovich,David
- Bunker,Eva Elizabeth
- Van Schuyver,Joey Don
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
72 인용 특허 :
17 |
초록
▼
To answer the security needs of the market, a preferred embodiment was developed. A preferred embodiment provides real-time network security vulnerability assessment tests, possibly complete with recommended security solutions. External vulnerability assessment tests can emulate hacker methodology i
To answer the security needs of the market, a preferred embodiment was developed. A preferred embodiment provides real-time network security vulnerability assessment tests, possibly complete with recommended security solutions. External vulnerability assessment tests can emulate hacker methodology in a safe way and enable study of a network for security openings, thereby gaining a true view of risk level without affecting customer operations. Because this assessment can be performed over the Internet, both domestic and worldwide corporations benefit. A preferred embodiment's physical subsystems combine to form a scalable holistic system that can be able to conduct tests for thousands of customers any place in the world. The security skills of experts can be embedded into a preferred embodiment systems and automated the test process to enable the security vulnerability test to be conducted on a continuous basis for multiple customers at the same time. A preferred embodiment can reduce the work time required for security practices of companies from three weeks to less than a day, as well as significantly increase their capacity. Component subsystems typically include a Database, Command Engine, Gateway, multiple Testers, Report Generator, and an RMCT.
대표청구항
▼
What is claimed is: 1. A network security testing apparatus comprising: at least one first tester for generating a security vulnerability attack simulation comprised of a plurality of waves of tests for iteratively testing for network security vulnerabilities of a network system under test, the at
What is claimed is: 1. A network security testing apparatus comprising: at least one first tester for generating a security vulnerability attack simulation comprised of a plurality of waves of tests for iteratively testing for network security vulnerabilities of a network system under test, the at least one first tester is adapted to communicably couple to the network system under test, said at least one first tester adapted to iteratively perform a plurality of waves of tests on the system under test to obtain network security vulnerability information; wherein each test in the plurality of waves of tests are adapted to return the network security vulnerability information regarding the network system under test, the network security vulnerability information provided by each test in the plurality of waves of tests being more specific to the network system under test than the network security vulnerability information provided by a previous test; wherein each test in the plurality of waves of tests are specifically modified in real-time to adapt to discovered security obstacles of the network system under test detected based on the network security vulnerability information gained from the previous test and to obtain additional network security vulnerability information from the network system under test. 2. The network security testing apparatus of claim 1, wherein each of the plurality of iterative tests are more specifically configured to adapt to system configuration of the network system under test based on the network security vulnerability information gained from the previous test and obtain the additional network security vulnerability information from the network system under test. 3. The network security testing apparatus of claim 1, wherein the network security vulnerability information includes information regarding network connectivity from the at least one first tester to the network system under test. 4. The network security testing apparatus of claim 1, wherein the network security vulnerability information includes connection information relating to an IP address used in the previous test. 5. The network security testing apparatus of claim 1, further comprising: at least one second tester that is adapted to communicably couple to the network system under test; wherein the previous test is executed by said at least one first tester; wherein determination of whether a subsequent test is executed by said at least one first tester or by said at least one second tester is made based at least partially upon the network security vulnerability information obtained by the previous test in order to adapt to the discovered security obstacles of the network under test. 6. The network security testing apparatus of claim 5, wherein the subsequent test includes execution of a test tool selected from a plurality of test tools based at least partially upon the network security vulnerability information obtained by the previous test. 7. The network security testing apparatus of claim 5, wherein the subsequent test includes execution of a test tool selected from a plurality of test tools based at least partially upon the system environment information. 8. The network security testing apparatus of claim 1, wherein the plurality of tests continue until all relevant information about the system under test has been collected. 9. A network security testing method comprising: a) executing a first wave of tests in a security vulnerability attack simulation by at least one first tester to test for network security vulnerabilities of a network system under test, wherein the first wave of tests is targeted at the network system under test, and wherein the at least one first tester is communicably coupled to the network system under test; b) receiving first information from the first wave of tests about the network system under test, after executing the first wave of tests, the first information comprising network security vulnerability information; c) executing a second wave of tests in a security vulnerability attack simulation to test for the network vulnerabilities of the network system under test after said receiving first information, wherein the second wave of tests is specifically modified in real time to adapt to discovered security obstacles of the network system under test detected based on the network security vulnerability information gained from the first wave of tests and obtain additional network security vulnerability information from the network system under test based on the first information, the additional network security vulnerability information is more specific to the network system under test than the first information; d) receiving the additional network security vulnerability information from the second wave of tests about the network system under test, after executing the second wave of tests; e) repeating steps a)-d) a plurality of times until relevant information about the system under test has been collected; and f) wherein the network security vulnerability information obtained from each subsequent wave of tests is more specific to the system under test based on the network security vulnerability information provided by each previous test. 10. The network security testing method of claim 9, wherein the time period between said executing the first wave of tests and said executing the second wave of tests can be negligible. 11. The network security testing method of claim 9, wherein said network security vulnerability information comprises information regarding network connectivity from the first tester to the network system under test. 12. The network security testing method of claim 9, wherein said receiving network security vulnerability information comprises receiving connection information relating to an IP address used in said executing the first test. 13. The network security testing method of claim 9, further comprising determining whether a test in the second wave of tests will be executed by the at least one first tester or by at least one second tester based upon the network security vulnerability information from the first test, before said executing the second test. 14. The network security testing method of claim 13, further comprising selecting the test in the second wave of tests from a plurality of tests based at least partially upon the network security vulnerability information. 15. The network security testing method of claim 9, further comprising selecting the test it the second wave of tests from a plurality of tests based at least partially upon the network security vulnerability information. 16. The network security testing method of claim 9, further comprising: determining whether all possible network security vulnerability information regarding the system under test has been received in light of the plurality of tests; and executing additional tests until all possible network security vulnerability information regarding the system under test has been received in light of the plurality of tests. 17. A computer program product for network security testing stored in a computer-readable medium, comprising: a) instructions for executing a first wave of tests in a security vulnerability attack simulation by at least one first tester to test for network security vulnerabilities of a network system under test, wherein the first wave of tests is targeted at the network system under test, and wherein the at least one first tester is communicably coupled to the network system under test; b) instructions for receiving first information from the first wave of tests about the network system under test, after executing the first wave of tests, the first information comprising network security vulnerability information; c) instructions for executing a second wave of tests to test for the network security vulnerabilities of the network system undet test after said receiving first information, wherein the second wave of tests is specifically modified in real time to adapt to the discovered security obstacles of the network system under test detected based on the network security vulnerability information gained from the first wave of tests and obtain additional network security vulnerability information from to the network system under test based on the first information, the additional network security vulnerability information is more specific to the network system under test than the first information; d) instructions for receiving the additional network security vulnerability information from the second wave of tests about the network system under test, after executing the second wave of tests; e) instructions for repeating steps a)-d) a plurality of times until all relevant information about the system under test has been collected; and f) instructions for wherein the network security vulnerability information obtained from each subsequent wave of tests is more specific to the system under test based on thc network security vulnerability information provided by each previous test. 18. The computer program product of claim 17, wherein the time period between executing the first wave of tests and executing the second wave of tests can be negligible. 19. The computer program product of claim 17, wherein said network security vulnerability information comprises information regarding network connectivity from the at least one first tester to the network system under test. 20. The computer program product of claim 17, wherein receiving network security vulnerability information comprises receiving session establishability information relating to an IP address used in executing the first test. 21. The computer program product of claim 17, further comprising instructions for determining whether a test in the second wave of tests will be executed by the at least one first tester or by at least one second tester based upon the network security vulnerability information from the first test, before said executing the second test. 22. The computer program product of claim 21, further comprising instructions for selecting the test in the second wave of tests from a plurality of tests based at least partially upon the network security vulnerability information. 23. The computer program product of claim 17, further comprising instructions for selecting the test in the second wave of tests from a plurality of tests based at least partially upon the network secutity vulnerability information. 24. The computer program product of claim 17, further comprising: instructions for determining whether all possible network security vulnerability information regarding the system under test has been received in light of the plurality of tests; and instructions for executing additional tests until all possible network security vulnerability information regarding the system under test has been received in light of the plurality of tests. 25. A network security testing apparatus comprising: a plurality of testers for generating a security vulnerability attack simulation comprised of a plurality of waves of tests for iteratively testing for network security vulnerabilities of a network system under test to obtain network security vulnerability information; wherein each of said plurality of testers is adapted to communicably couple to the network system under test; wherein a test of the network system under test is performed by a selected tester of said plurality of testers, said selection of said selected tester to adapt in real time to discovered security obstacles of the network system wider test based on the network security vulnerability information gained from a previous test to obtain more specific network security vulnerability information from the network system under test; wherein said plurality of testers has a load balance characteristic describing a degree of balance of loads of testers of said plurality of testers; and wherein the selected tester is selected from said plurality of testers based additionally on optimizing the load balance characteristic. 26. The network security testing apparatus of claim 25, wherein each tester of said plurality of testers has at least one quality of communicable coupling to the system under test; and wherein the selected tester is selected from said plurality of testers based at least partially on the selected tester's quality of communicable coupling. 27. The network security testing apparatus of claim 26, wherein the quality of communicable coupling includes: cost per bit; absolute speed; and geographical proximity of the selected tester to the system under test. 28. A network security testing method comprising: selecting at least one tester from a plurality of testers for generating a security vulnerability attack simulation comprised of a plurality of waves of tests for iteratively testing for network security vulnerabilities of a network system under test to obtain network security vulnerability information, said selection of said at least one tester to adapt in real time is modified to discovered security obstacles of the network system under test detected based on network security vulnerability information gained from a previous test to obtain more specific network security vulnerability information from network system under test; executing a test by the selected tester, wherein the test is targeted at a the network system under test, and wherein the selected tester is communicably coupled to the network system under test; wherein the plurality of testers has a load balance characteristic describing a degree of balance of loads of testers of the plurality of testers; and wherein said selecting a selected tester from a plurality of testers is further based at least partially on optimizing the load balance characteristic. 29. The network security testing method of claim 28, wherein each tester of the plurality of testers has at least one quality of communicable coupling to the network system under test; and wherein said selecting a selected tester from a plurality of testers is further based at least partially on the selected tester's quality of communicable coupling. 30. The network security testing method of claim 29, wherein the quality of communicable coupling includes: cost per bit; absolute speed; and geographical proximity of the selected tester to the system under test. 31. A computer program product for network security testing stored in a computer-readable medium, comprising: instructions for at least one selected tester from a plurality of testers for generating a security vulnerability attack simulation comprised of a plurality of waves of tests for iteratively testing for network security vulnerabilities of a network system under test to obtain network security vulnerability information, said selection of said at least one tester to adapt in real time is modified to discover security obstacles of the network system under test detected based on network security vulnerability information gained from a previous test to obtain more specific network security vulnerability information from network system under test; instructions for executing a test by the selected tester, wherein the test is targeted at a system tinder test, and wherein the selected tester is communicably coupled to the network system under test; wherein the plurality of testers has a load balance characteristic describing a degree of balance of loads of testers of the plurality of testers; and wherein the selecting a selected tester from a plurality of testers is further based at least partially on optimizing the load balance characteristic. 32. The computer program product of claim 31, wherein each tester of the plurality of testers has at least one quality of communicable coupling to the system under test; and wherein the selecting a selected tester from a plurality of testers is further based at least partially on the selected tester's quality of communicable coupling. 33. The computer program product of claim 32, wherein the quality of communicable coupling includes: cost per bit; absolute speed; and geographical proximity of the selected tester to the system under test. 34. A network security testing apparatus comprising: at least one first tester that is adapted to communicably couple to a network system under test to generate a security vulnerability attack simulation comprised of a plurality of waves of tests to perform network security vulnerability testing, wherein said at least one first tester is adapted to iteratively perform a plurality of waves of tests on the network system under test to obtain network security vulnerability information on the network system under test; wherein each test in the plurality of waves of tests are specifically modified in real-time to adapt to discovered security obstacles of the network system under test detected based on the network security vulnerability information gained from the previous test and to obtain additional network security vulnerability information from the network system under test; wherein said at least one first tester is adapted to make a first attempt to communicably couple to the network system under test before executing the test to obtain network security vulnerability information; wherein said at least one first tester is adapted to make a second attempt to communicably couple to the system under test alter executing the test to obtain network security vulnerability information; and wherein the combination of success of the first attempt and failure of the second attempt are interpreted as detection of the test by the network system under test; wherein the combination of success of the first attempt and failure of the second attempt are interpreted as detection of the test by the network system under test.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.