The Impact of IPv6 on Penetration Testing

In this paper we discuss the impact the use of IPv6 has on remote penetration testing of servers and web applications. Several modifications to the penetration testing process are proposed to accommodate IPv6. Among these modifications are ways of performing fragmentation attacks, host discovery and brute-force protection. We also propose new checks for IPv6-specific vulnerabilities, such as bypassing firewalls using extension headers and reaching internal hosts through available transition mechanisms. The changes to the penetration testing process proposed in this paper can be used by security companies to make their penetration testing process applicable to IPv6 targets

Penetration Testing Server Sistem Informasi Manajemen Dan Website Universitas Kristen Petra

A developing organization need information technology in itsoperational activity. However what is often considered is how toensure that data saved in server is safe from unauthorized parties.Therefore, this thesis reviews how a person who is appointed as asecurity analyst do penetration testing in a system with variety toolsgiven and how the report can be understood from by people frommanagers to programmers. Besides giving the how-to knowledge,this thesis also reviews how secure is the organization under reviewin keeping their data safe from other parties who are not supposedto get access to important operational activity data

Smart Computer Security Audit: Reinforcement Learning with a Deep Neural Network Approximator

A significant challenge in modern computer security is the growing skill gap as intruder capabilities increase, making it necessary to begin automating elements of penetration testing so analysts can contend with the growing number of cyber threats. In this paper, we attempt to assist human analysts by automating a single host penetration attack. To do so, a smart agent performs different attack sequences to find vulnerabilities in a target system. As it does so, it accumulates knowledge, learns new attack sequences and improves its own internal penetration testing logic. As a result, this agent (AgentPen for simplicity) is able to successfully penetrate hosts it has never interacted with before. A computer security administrator using this tool would receive a comprehensive, automated sequence of actions leading to a security breach, highlighting potential vulnerabilities, and reducing the amount of menial tasks a typical penetration tester would need to execute. To achieve autonomy, we apply an unsupervised machine learning algorithm, Q-learning, with an approximator that incorporates a deep neural network architecture. The security audit itself is modelled as a Markov Decision Process in order to test a number of decisionmaking strategies and compare their convergence to optimality. A series of experimental results is presented to show how this approach can be effectively used to automate penetration testing using a scalable, i.e. not exhaustive, and adaptive approach

Penetration impact testing of self-reinforced composites

Penetration impact resistance is one of the key advantages of self-reinforced composites. This is typically measured using the same setup as for brittle fibre composites. However, issues with the test configuration for falling weight impact tests are reported. Similar issues have been found in literature for other composites incorporating ductile fibres. If the dimensions of the test samples are too small relative to the clamping device, then the test samples can heavily deform by wrinkling and necking. These unwanted mechanisms should be avoided as they absorb additional energy compared to properly tested samples. Furthermore, these mechanisms are found to occur more easily at lower compaction temperatures due to the lower interlayer bonding. In conclusions, the sample dimensions of ductile fibre composites should be carefully selected for penetration impact testing. If wrinkling or necking is observed, then the sample dimensions need to be increased.publisher: Elsevier articletitle: Penetration impact testing of self-reinforced composites journaltitle: Composites Part A: Applied Science and Manufacturing articlelink: http://dx.doi.org/10.1016/j.compositesa.2014.10.012 content_type: article copyright: Copyright © 2014 Elsevier Ltd. All rights reserved.status: publishe

Depth of penetration effects in eddy current testing

The simple depth of penetration equation used for most eddy current calculations does not take into account the effect of the size of the coil or the effect of flaw morphology. The work described in this paper describes use of the CIVA eddy current model to investigate this effect and some experimental investigations. Knowledge of this effect is important in examination of thin sections with eddy currents. Two examples of this are the small sections required to be inspected in laser metal deposition, and welds in thin sections joining dissimilar metals such as copper and aluminium for electrical connections