Koox cilmi-baarayaal ah oo ka socda Virginia Tech, Cyentia iyo RAND,
Si kastaba ha ahaatee, wax xidhiidh ah lagama helin daabacaadda tusaalooyinka ka faa'iidaysiga ee goobaha dadweynaha iyo isku dayga lagu doonayo in lagaga faa'iidaysto nuglaanta. Dhammaan xaqiiqooyinka ka faa'iidaysiga dayacanka ee loo yaqaan cilmi-baarayaashu, kaliya kala badh kiisaska dhibaatadu waxay ahayd tusaalaha ka faa'iidaysiga ee lagu daabacay ilo furan ka hor. La'aanta tusaalaha ka faa'iidaysiga ma joojinayso weeraryahannada, kuwaas oo, haddii loo baahdo, abuuraan faa'iidooyin kaligood ah.
Gabagabada kale waxaa ka mid ah baahida loo qabo ka faa'iidaysiga badi ahaan baylahda leh khatar heerkeedu sarreeyo marka loo eego soocidda CVSS. Ku dhawaad nus ka mid ah weerarradu waxay adeegsadeen baylahda oo miisaankoodu yahay ugu yaraan 9.
Tirada guud ee noocyada ka faa'iidaysiga ee la daabacay muddada dib u eegista lagu sameeyay ayaa lagu qiyaasay 9726 xogta ka faa'iidaysiga daraasadda laga helay
ururinta Ka faa'iidayso DB, Metasploit, D2 Security's Elliot Kit, Canvas Framework Ka faa'iidaysiga, Contagio, shaybaadhka dib u noqoshada iyo Secureworks CTU.
Macluumaadka ku saabsan dayacanka ayaa laga helay kaydka xogta
Daraasadda waxaa loo sameeyay si loo go'aamiyo dheelitirka ugu wanaagsan ee u dhexeeya codsanaya cusbooneysiinta si loo ogaado wax kasta oo dayacan iyo baabi'inta kaliya dhibaatooyinka ugu khatarta badan. Xaaladda kowaad, waxtarka ilaalinta sare waa la hubiyaa, laakiin kheyraad badan ayaa loo baahan yahay si loo ilaaliyo kaabayaasha, kuwaas oo inta badan lagu bixiyo hagaajinta dhibaatooyinka aan muhiimka ahayn. Xaaladda labaad, waxaa jirta halis sare oo ah in la waayo nuglaanta loo isticmaali karo weerar. Daraasadu waxay muujisay in marka la go'aaminayo in lagu rakibo casriyeyn kaas oo baabi'inaya dayacanka, waa inaadan ku tiirsanayn la'aanta prototype ka faa'iidaysiga oo la daabacay iyo fursada ka faa'iidaysiga si toos ah waxay kuxirantahay heerka nuglaanshaha.
Source: opennet.ru