Enhancing Cybersecurity: Design of an Automated Penetration Testing Framework for Common Vulnerabilities and Exposures (CVE)
Saved in:
| Title: | Enhancing Cybersecurity: Design of an Automated Penetration Testing Framework for Common Vulnerabilities and Exposures (CVE) |
|---|---|
| Authors: | Nur Rohman Rosyid, Anni Karimatul Fauziyyah, Yoan Navie Ananda |
| Source: | Jurnal Informatika, Pp 307-315 (2025) |
| Publisher Information: | Universitas Muhammadiyah Purwokerto, 2025. |
| Publication Year: | 2025 |
| Collection: | LCC:Electronic computers. Computer science |
| Subject Terms: | automated penetration testing, cybersecurity, design patterns, cve, Electronic computers. Computer science, QA75.5-76.95 |
| Description: | The progression of digital transformation has increased cybersecurity concerns, primarily due to the growing prevalence of system vulnerabilities. Penetration testing (pentesting) is an essential technique for identifying and assessing vulnerabilities; however, conventional methods are labor-intensive and heavily reliant on expert participation. This study proposes the development of an automated penetration testing framework that utilizes Common Vulnerabilities and Exposures (CVE) to enhance efficiency and reduce reliance on manual processes. The framework utilizes software engineering design patterns, namely the Template Method and Abstract Factory, to guarantee modularity, scalability, and maintainability. The implementation and evaluation reveal the system's capacity to reliably perform CVE-based penetration testing activities with consistent performance across multiple iterations. Comparative testing demonstrates that the suggested framework attains superior consistency in execution time and resource utilization compared to monolithic solutions. In conclusion, the established methodology offers a dependable basis for automated CVE-based security evaluations and facilitates continuous adaptation to forthcoming cybersecurity issues. |
| Document Type: | article |
| File Description: | electronic resource |
| Language: | Indonesian |
| ISSN: | 2086-9398 2579-8901 |
| Relation: | http://jurnalnasional.ump.ac.id/index.php/JUITA/article/view/26938; https://doaj.org/toc/2086-9398; https://doaj.org/toc/2579-8901 |
| DOI: | 10.30595/juita.v13i3.26938 |
| Access URL: | https://doaj.org/article/c3ce49f73a3e4df08e74b6af46fd0b05 |
| Accession Number: | edsdoj.3ce49f73a3e4df08e74b6af46fd0b05 |
| Database: | Directory of Open Access Journals |
Nájsť tento článok vo Web of Science | Abstract: | The progression of digital transformation has increased cybersecurity concerns, primarily due to the growing prevalence of system vulnerabilities. Penetration testing (pentesting) is an essential technique for identifying and assessing vulnerabilities; however, conventional methods are labor-intensive and heavily reliant on expert participation. This study proposes the development of an automated penetration testing framework that utilizes Common Vulnerabilities and Exposures (CVE) to enhance efficiency and reduce reliance on manual processes. The framework utilizes software engineering design patterns, namely the Template Method and Abstract Factory, to guarantee modularity, scalability, and maintainability. The implementation and evaluation reveal the system's capacity to reliably perform CVE-based penetration testing activities with consistent performance across multiple iterations. Comparative testing demonstrates that the suggested framework attains superior consistency in execution time and resource utilization compared to monolithic solutions. In conclusion, the established methodology offers a dependable basis for automated CVE-based security evaluations and facilitates continuous adaptation to forthcoming cybersecurity issues. |
|---|---|
| ISSN: | 20869398 25798901 |
| DOI: | 10.30595/juita.v13i3.26938 |