The university is highly dependent on IT technology throughout its information service and work, and has large-scale data such as academic and research data. Cyber threats such as hacking, intrusion attempts, malware infections, web hacking, denial o...
The university is highly dependent on IT technology throughout its information service and work, and has large-scale data such as academic and research data. Cyber threats such as hacking, intrusion attempts, malware infections, web hacking, denial of service attacks, exploitation of university resources as waypoints and personal information leakage have also increased rapidly, posing a serious threat to university academic and administrative affairs.
In order to cope with the growing cyber threat, the university makes a lot of budget and effort for establishing information security policies, purchasing information security equipment and information security activities such as introducing ISMS-P(Personal Information & Information Security Management System) and conducting annual information protection level diagnosis.
In spite of the university's efforts, it is impossible to block malicious attacks if the security equipment fails to perform its function due to obstacles or other problems. In addition, serious violations caused by vulnerabilities not found during regular security checks can lead to major accidents such as leakage of personal information by university members, posing a serious threat to university information assets.
This paper is designed to allow university information security officers to directly access university information assets regardless of the blocking policy of security equipment such as firewalls by placing simulated attacks and vulnerability check systems inside the server network or the campus network using open sources. Through this, they can directly checks the presence of vulnerabilities in critical IT resources such as servers, applications, and network equipment in the university and terminals used by members if security equipment fails to perform its functions.
In addition, when a vulnerability is discovered, the attack code for the corresponding vulnerability can be executed to determine whether hacking is possible, and the vulnerability can be analyzed and supplemented. Also, the information security officer can perform vulnerability checks directly to enable detailed checks of information assets that may be omitted from regular vulnerability checks, thereby preventing information security accidents such as hacking and personal information leakage that may occur in the future.