University of Aveiro Vulnerability Monitor

Abstract

The University of Aveiro suffers several cyber attacks weekly. To avoid possible intrusions into the system that could leave to denials of service, information theft and others, we have developed a platform that analyzes all exposed domains, performing a port-by-port assessment and presenting a classification of their exposure level, highlighting domains where vulnerabilities were found. This platform will periodically analyze these domains and, whenever any worrying failure is found, it will notify the user and the administrator to solve the problem.

Table of Contents

1. Team
2. Context
3. Problem
4. Goals
5. Tasks
6. Expected Results

Team:

• Juniors:

  • Students:
    • João Figueiredo
    • João Fernandes
    • Olavo Saraiva
    • Ana Filipe
    • Pedro Pereira
    • Tiago Pedrosa

• Seniors

  • Advisors:
    • João Paulo Barraca
    • André Zúquete
  • Colaborators:
    • Vitor Cunha
    • Ricardo Martins

Context

• The University of Aveiro has a large number of domains on the internet.
• Some more important than others, but nonetheless, all connected to the university’s servers.

Problem

• High probability of exploitable flaws in the university’s domains
• Constant unnoticed cyber attacks.
• Possible high number of unnoted flaws due to the vast number of domains.

Goals

• Our objective is to monitor, in real time and permanently, all the domains of the university of Aveiro.
• Notify (via email or sms) the people in charge, with detailed information, whenever a flaw is found.

Tasks

• Detect flaws in the system.
• Make user friendly reports and dashboard.
• Store common vulnerabilities in a database for future similar errors.

Expected results

• Provide more security for the University of Aveiro’s domains.
• An efficient system for vulnerability monitoring.
• A well designed and user friendly dashboard.
• An automatic notification system.