Change search
ReferencesLink to record
Permanent link

Direct link
A quantitative evaluation of vulnerability scanning
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
Swedish Research Defense Agency.
Swedish Research Defense Agency.
2011 (English)In: Information Management & Computer Security, ISSN 0968-5227, Vol. 19, no 4, 231-247 p.Article in journal (Refereed) Published
Abstract [en]

Purpose – The purpose of this paper is to evaluate if automated vulnerability scanning accurately identifies vulnerabilities in computer networks and if this accuracy is contingent on the platforms used.

Design/methodology/approach – Both qualitative comparisons of functionality and quantitative comparisons of false positives and false negatives are made for seven different scanners. The quantitative assessment includes data from both authenticated and unauthenticated scans. Experiments were conducted on a computer network of 28 hosts with various operating systems, services and vulnerabilities. This network was set up by a team of security researchers and professionals.

Findings – The data collected in this study show that authenticated vulnerability scanning is usable. However, automated scanning is not able to accurately identify all vulnerabilities present in computer networks. Also, scans of hosts running Windows are more accurate than scans of hosts running Linux.

Research limitations/implications – This paper focuses on the direct output of automated scans with respect to the vulnerabilities they identify. Areas such as how to interpret the results assessed by each scanner (e.g. regarding remediation guidelines) or aggregating information about individual vulnerabilities into risk measures are out of scope.

Practical implications – This paper describes how well automated vulnerability scanners perform when it comes to identifying security issues in a network. The findings suggest that a vulnerability scanner is a useable tool to have in your security toolbox given that user credentials are available for the hosts in your network. Manual effort is however needed to complement automated scanning in order to get satisfactory accuracy regarding network security problems.

Originality/value – Previous studies have focused on the qualitative aspects on vulnerability assessment. This study presents a quantitative evaluation of seven of the most popular vulnerability scanners available on the market.

Place, publisher, year, edition, pages
Emerald Group Publishing Limited, 2011. Vol. 19, no 4, 231-247 p.
Keyword [en]
Assessments, Auditing, Computer networks, Computer security, Information security modelling, Information technology, Management
National Category
Computer and Information Science
Research subject
URN: urn:nbn:se:kth:diva-100907DOI: 10.1108/09685221111173058ScopusID: 2-s2.0-81855177321OAI: diva2:545791
QC 20120821Available from: 2012-08-21 Created: 2012-08-21 Last updated: 2012-08-21Bibliographically approved

Open Access in DiVA

fulltext(742 kB)4150 downloads
File information
File name FULLTEXT01.pdfFile size 742 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Other links

Publisher's full

Search in DiVA

By author/editor
Holm, HannesSommestad, Teodor
By organisation
Industrial Information and Control Systems
In the same journal
Information Management & Computer Security
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 4150 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 134 hits
ReferencesLink to record
Permanent link

Direct link