Page 79 - The-5th-MCAIT2021-eProceeding
identifying vulnerabilities differs (Alsaleh et al., 2017). Thus, the results from the scanners need to be manually
verified. The servers typically log the scanning processes. Scanning usually would trigger the IDS to block the source
IPs of the scanners. The phase also takes a long time because the scanners will exhaust all rules to scan the
websites. There are currently efforts to build scanners that use artificial intelligence rules to scan and save time.
In the fourth phase, we evaluated the SSL implementation using Qualys SSL Labs. Each website was
given a letter grade A to C based on its level of SSL implementation. The best grades are A and A+, indicating
that the website has an excellent SSL implementation and certificate. We also manually looked for security policies
on the websites. A good website would have a security policy on how it handles privacy and confidential
customer data.
3. Results and Discussion
In the first phase, we obtained 3,676 educational websites from the edu.sa domain. We began by choosing
29 websites. We looked over these websites to see if they were appropriate for our research. We didn’t include
sensitive government education websites or those that weren’t updated on a regular basis. Finally, we decided
to focus our case study on only 12 websites. We anonymised them to protect their privacy.
In the second phase, we found several websites were running Windows IIS 8.5 Server, a server released in 1995.
This server’s support was extended till 2020. Because the servers no longer got security fixes, websites that
employed software that was not adequately supported were vulnerable to cyberattacks. Unnecessary services and
open ports are running on some websites, which could be exploited by buffer overflow attacks or remote
exploitation attacks. A few websites disclose their software version, providing attackers with yet another attack
channel.
In the third phase, the vulnerability scanners assign CVSS (Common Vulnerability Scoring System) scores
to discovered vulnerabilities and use those scores to divide those vulnerabilities into four categories: high (H),
medium (M), low (L), and informational (INF) (I). The severity of a vulnerability is reflected in the vulnerability
classification. For instance, a high vulnerability rating would indicate a vulnerability that would have a severe
impact on the website, such as data loss, unauthorized login access, or data breach.
We observed that Acunetix gave notably different results from Nessus, and OpenVAS was unable to detect
vulnerabilities in many websites. Nessus found 7 high vulnerabilities for w10, 1 for w11, and 2 for w12.
Acunetix found 22 high vulnerabilities in w1, 851 in w11, 22 in w12 and 4 in w8. The high vulnerabilities were
security issues that needed to be remedied. Medium vulnerabilities and informational vulnerabilities are acceptable
risks that can be ignored.
In the fourth phase, the results indicated w1, w2, w3, w4, w5, w6, w10, w12 as grade B,
w7 as grade A, w8 as grade A+, w10 as grade F, and w11 received no grade. We could conclude that 8 websites
have exemplary SSL implementation and 2 websites have excellent SSL implementation. Websites that handle sensitive
data should have SSL implementation of grade A or above.
Table 1: Vulnerability counts reported by OpenVAS, Nessus and Acunetix. The labels are H (High), M (Medium), L (Low) and I
(Informational). For instance, at host w1, OpenVAS didn't find any vulnerabilities while Nessus found 30 vulnerabilities and Acunetix found
122 vulnerabilities.
websites | OpenVAS    | Nessus          | Acunetix
w1       | -          | M(2) L(1) I(27) | H(22) M(58) L(11) I(31)
w2       | -          | M(2) I(20)      | L(1) I(2)
w3       | -          | I(2)            | M(843) L(2) I(233)
w4       | -          | I(14)           | M(3) L(3) I(3)
w5       | H(1) I(66) | I(72)           | M(435) L(55) I(703)
w6       | H(1) I(66) | I(46)           | M(646) L(45) I(23)
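The scanner disagreement discussed above can be checked mechanically. The following Python sketch is an added example, not part of the original paper: it parses the Table 1 rows for w1 to w6, totals the findings per scanner, and lists the hosts where only some scanners report high-severity findings, which are the first candidates for manual verification. The function names are assumptions made for this illustration.

```python
import re

# Table 1 rows w1-w6 as printed on the page; "-" means the scanner reported nothing.
TABLE_1 = {
    "w1": {"OpenVAS": "-", "Nessus": "M(2) L(1) I(27)", "Acunetix": "H(22) M(58) L(11) I(31)"},
    "w2": {"OpenVAS": "-", "Nessus": "M(2) I(20)", "Acunetix": "L(1) I(2)"},
    "w3": {"OpenVAS": "-", "Nessus": "I(2)", "Acunetix": "M(843) L(2) I(233)"},
    "w4": {"OpenVAS": "-", "Nessus": "I(14)", "Acunetix": "M(3) L(3) I(3)"},
    "w5": {"OpenVAS": "H(1) I(66)", "Nessus": "I(72)", "Acunetix": "M(435) L(55) I(703)"},
    "w6": {"OpenVAS": "H(1) I(66)", "Nessus": "I(46)", "Acunetix": "M(646) L(45) I(23)"},
}
CELL = re.compile(r"([HMLI])\((\d+)\)")


def parse_cell(cell):
    """Turn 'H(22) M(58)' into {'H': 22, 'M': 58, 'L': 0, 'I': 0}."""
    # Reject anything that is not a severity count or the "-" placeholder.
    leftover = CELL.sub("", cell).strip()
    if leftover not in ("", "-"):
        raise ValueError(f"unparseable table cell: {cell!r}")
    counts = dict.fromkeys("HMLI", 0)
    for severity, n in CELL.findall(cell):
        counts[severity] += int(n)
    return counts


def totals(table):
    """Total findings per host and scanner, all severities included."""
    return {host: {scanner: sum(parse_cell(cell).values()) for scanner, cell in row.items()}
            for host, row in table.items()}


def high_disagreements(table):
    """Hosts where at least one scanner reports high findings and at least one reports none."""
    flagged = {}
    for host, row in table.items():
        highs = {scanner: parse_cell(cell)["H"] for scanner, cell in row.items()}
        if any(highs.values()) and not all(highs.values()):
            flagged[host] = highs
    return flagged


if __name__ == "__main__":
    for host, per_scanner in totals(TABLE_1).items():
        print(host, per_scanner)
    for host, highs in high_disagreements(TABLE_1).items():
        print(f"{host}: verify manually, high counts differ: {highs}")
```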
E-Proceedings of The 5th International Multi-Conference on Artificial Intelligence Technology (MCAIT 2021) [66]
Artificial Intelligence in the 4th Industrial Revolution