Pdf

A Hybrid Vulnerability Scanning System Using Network-Based and Host-Based Approaches

Nwosu John Nwachukwu

Department of Computer Science Federal Polytechnic, Oko Anambra State, Nigeria

Phone Number: 08035902385
Email: drnwosu2023@gmail.com

ABSTRACT

The study investigated traditional vulnerabilities scanning approaches that focused on either network-based scanning or host-based scanning and identified gaps in the coverage of each of the approach. Network-based scanners focus on identifying open ports, weak protocols, and outdated services that may expose entry points to attackers while host-based scanners, by contrast, evaluate operating systems and installed applications for configuration flaws and missing patches. To satisfy the emerging computing demands, a hybrid vulnerability scanning system that integrated the network-based approach and host-based approach was developed. The system effectively scans network devices and computers, integrates active and passive scanning techniques to identify vulnerabilities, detect anomalies and security weaknesses for open ports, outdated software, weak configurations, and classifies detected vulnerabilities based on severity levels (low, medium, high, critical), stores and organizes the results of the scanning with unique identifiers and timestamps for easy tracking and other decision making activities. The methodology involved the use of Network Mapper (Nmap) for open ports scanning and data collection, OpenVas for identification of outdated software and security gaps such as weak passwords and for agent-based scanning methods of host-based approach. The system was developed using Python as the programming environment and MySQL for database management. The system was tested in controlled environment with multiple computers and network devices, and the outcomes demonstrated that it could reliably identify vulnerabilities, organize scan results, and produce actionable security reports. There was an improved efficiency over traditional methods, reduced manual efforts in tracking vulnerabilities, and enhanced visibility of system security posture. Based on the results, it is recommended that organizations adopt the system to continuously monitor network assets and integrate scanning results with patch management approach. This system provides a proactive approach to managing cybersecurity risks and reducing exposure to potential attacks.

Keywords: Hybrid Vulnerability, Scanning System and Host-Based Approaches

CITE AS: Nwosu John Nwachukwu (2026). A Hybrid Vulnerability Scanning System Using Network-Based and Host-Based Approaches. INOSR Scientific Research 13(1):1-11. https://doi.org/10.59298/INOSRSR/2026/131111