*Proceeding Paper* **Low Cost Automated Security Audit System †**

**Pedro Fernández-Arruti \*, Julio J. Estévez-Pereira \*, Francisco J. Nóvoa, Jose C. Dafonte and Diego Fernández**

Research Center of Information and Communication Technologies (CITIC), Campus de Elviña, s/n, 15071 A Coruña, Spain; francisco.javier.novoa@udc.es (F.J.N.); carlos.dafonte@udc.es (J.C.D.); diego.fernandez@udc.es (D.F.)

**\*** Correspondence: pedro.fernandez-arruti@udc.es (P.F.-A.), julio.jairo.estevez.pereira@udc.es (J.J.E.-P.)

† Presented at the 4th XoveTIC Conference, A Coruña, Spain, 7–8 October 2021.

**Abstract:** In recent years, a quick transition towards digitization has been observed in most organizations. Along with it, certain inherent problems have appeared, such as the increase in cyber threats. Large organizations are able to adapt easily, but this does not happen with small and medium-sized companies. Currently, there are very few solutions aimed at fulfilling the needs of these small enterprises, so we have worked on a tool for them. Our tool is capable of displaying key, easy-to-interpret information related to each organization's network assets. To achieve this, we used passive and active analysis techniques and successfully evaluated the viability of using machine learning techniques to get more meaningful information. All of the information obtained is displayed in a simple web application, which is designed to be used by managers in organizations without them needing to handle complex concepts and vocabulary.

**Keywords:** network audit; passive analysis; active analysis; machine learning

**Citation:** Fernández-Arruti, P.; Estévez-Pereira, J.J.; Nóvoa, F.J.; Dafonte, J.C.; Fernández, D. Low Cost Automated Security Audit System. *Eng. Proc.* **2021**, *7*, 58. https://doi.org/10.3390/engproc2021007058


Academic Editors: Joaquim de Moura, Marco A. González, Javier Pereira and Manuel G. Penedo

Published: 28 October 2021

**Publisher's Note:** MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

**Copyright:** © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

#### **1. Introduction**

Organizations of all sizes are now significantly reliant upon information technology and networks for the operation of their business activities. Therefore, they have the added requirement of ensuring that their systems and data are appropriately protected against security breaches. However, there is evidence to suggest that security practices are not strongly upheld within small and medium-sized enterprise (SME) environments [1].

There are different approaches in the literature that attempt to address this problem. However, many of them require those responsible for organizations to handle complex concepts and vocabulary and provide results that managers of this type of organization do not know how to interpret.

Our project involves building a modular tool that creates an inventory of the organization's assets (end and intermediate devices, active services, and identification of application-layer protocols) and visualizes the information through a dashboard (providing key information to the organization's managers and indicating the technical risk of the organization). In addition, we evaluate the viability of machine learning techniques for offering advanced knowledge of the state of the network from the collected data, using unsupervised exploration techniques. Several non-functional characteristics are key to the success of our tool: it must be a low-cost, scalable, modular, and easy-to-use solution.
