A concise overview of the specific features of using exployts

doi:10.26565/2519-2310-2022-1-02

Elizaveta Bogdanova V. N. Karazin Kharkiv National University
Larysa Pavlova V. N. Karazin Kharkiv National University https://orcid.org/0000-0002-5854-4209
Karina Pohorila V. N. Karazin Kharkiv National University https://orcid.org/0000-0001-8701-2394

DOI: https://doi.org/10.26565/2519-2310-2022-1-02

Keywords: exploits, software vulnerabilities, security patches, information security

Abstract

The issue of exploiting the software vulnerabilities is considered in the article. Particular attention has been paid to the two aspects of the practical usage of exploits, as an attack tool and as a means of testing protected information systems. It is stressed that integrating exploits into a single exploit-kit, increases the efficiency of searching for existing vulnerabilities of the modern information systems. The scheme of the exploit kit operation in the target information system is presented. Analysis of the known incidents related to the use of exploits, al-lows us to assert the existence of a relationship between the degree of popularity of a software product or device, and the probability of the exploits being created. The extreme importance of the timely release of security patches as an effective means of preventing the usage of identified software vulnerabilities is emphasized. Releasing security patches is a basic element of possible defensive reactions when dealing with such issues.

Downloads

Download data is not yet available.

Author Biographies

Elizaveta Bogdanova , V. N. Karazin Kharkiv National University

Computer science student

Larysa Pavlova , V. N. Karazin Kharkiv National University

Senior Lecturer, Department of Foreign Languages for Professional Purposes, Faculty of Foreign Languages

Karina Pohorila, V. N. Karazin Kharkiv National University

CSD Student (magistrate), Department of Security of Information Systems and Technologies

References

Синцов А. (2015). Куда катится безопасность? Хакер, (192), 58-59. Извлечено из http://surl.li/certn

Мелкозьорова, О., Лєсная, Ю., & Малахов, С. (2022). Особливості забезпечення захисту від НСД в сучасних інформаційних системах. InterConf, (97). Retrieved from https://ojs.ukrlogos.in.ua/index.php/interconf/article/view/18428

Касперский Е.В. (2012). Эксплойты, зеродеи, их опасность и её профилактика. Retrieved from https://eugene.kaspersky.ru/2012/05/25/exploits-and-zerodays-protection/

(2017). Эксплойты, (Exploits). Извлечено из https://www.antimalware.ru/threats/exploits

Рузудженк, С., Погоріла, К., Кохановська, Т., & Малахов, С. (2020). Особливості захисту корпоративних ресурсів за допомогою технології Honeypot. Комп’ютерні науки та кібербезпека, (4), 22-29. Retrieved from https://doi.org/10.26565/2519-2310-2019-4-03

Daniel Simpson. (2022). Наборы эксплойтов и эксплойтов. Retrieved from http://surl.li/certr

Закрожевский В. (2010). Лазутчики киберкриминала. Retrieved from https://securelist.ru/lazutchiki-kiberkriminala/1424/

Джон Маллери, & Джейсон Занн (2007). Безопасная сеть вашей компании. (Е. Линдеманн, пер. с англ.). Москва: НТ Пресс.

Nikto: A Practical Website Vulnerability Scanner. (2021). Retrieved from https://securitytrails.com/blog/nikto-website-vulnerability-scanner

A concise overview of the specific features of using exployts

Abstract

Downloads

Author Biographies

References

Most read articles by the same author(s)