Kaksonen R., Järvenpää T., Pajukangas J., Mahalean M., Röning J. (2021) 100 Popular Open-Source Infosec Tools. In: Jøsang A., Futcher L., Hagen J. (eds) ICT Systems Security and Privacy Protection. SEC 2021. IFIP Advances in Information and Communication Technology, vol 625. Springer, Cham. https://doi.org/10.1007/978-3-030-78120-0_12
100 popular open-Source infosec tools
|Author:||Kaksonen, Rauli1; Järvenpää, Tommi1; Pajukangas, Jukka1;|
1University of Oulu, Oulu, Finland
|Online Access:||PDF Full Text (PDF, 0.4 MB)|
|Persistent link:|| http://urn.fi/urn:nbn:fi-fe2021100149105
|Publish Date:|| 2021-10-01
We examined the popularity of open-source tools used for information security analysis (infosec tools). This information would be useful, e.g. in security research, but it was not available. In our study, we created first a corpus of 423 tools from various sources. Then we collected source popularity metrics by Google search, tweets, GitHub stars, SecTools.org ranking, and cross-references between tools. We found a strong correlation between the metrics. We created an aggregate popularity metric from Google search, GitHub stars, and tool cross-reference source metrics using principal component analysis. The aggregate metric explains 70% of the variance in the source metrics. The three most popular tools are Metasploit, Nmap, and Wireshark. We estimated the impact of source metric errors and concluded that the aggregate metric gives an estimate of tool popularity, rather than an exact popularity rank. Furthermore, we divide the tools into overlapping categories by tool scope and type of activity. In the top 100, 51 tools are in the network scope, 27 in the host scope, 15 in the storage scope, 13 in the passwords scope, and 4 in the other tools scope.
IFIP advances in information and communication technology
|Pages:||181 - 195|
ICT Systems Security and Privacy Protection. 36th IFIP TC 11 International Conference, SEC 2021, Oslo, Norway, June 22–24, 2021, Proceedings
|Host publication editor:||
International Conference on ICT Systems Security and Privacy Protection
|Type of Publication:||
A4 Article in conference proceedings
|Field of Science:||
213 Electronic, automation and communications engineering, electronics
This work is done in the CinCan project funded by CEF programme (2016-FI-IA-0095) and in the SECREDAS project funded by Horizon 2020 programme (grant agreement nr. 783119) and by Business Finland.
© IFIP International Federation for Information Processing 2021. This is a post-peer-review, pre-copyedit version of an article published in ICT Systems Security and Privacy Protection. 36th IFIP TC 11 International Conference, SEC 2021, Oslo, Norway, June 22–24, 2021, Proceedings. The final authenticated version is available online at: https://doi.org/10.1007/978-3-030-78120-0_12.