A machine-oriented integrated vulnerability database for automated vulnerability detection and processing
RHC Yap, L Zhong - Large Installation System Administration (LISA), 2004 - usenix.org
Abstract
The number of security vulnerabilities discovered in computer systems has increased explosively. Currently, in order to keep track of security alerts, system administrators rely on vulnerability databases such as CERT Coordination Centre, SecurityFocus BugTraq and SANS Vulnerabilities Notes Database. Such databases are designed primarily to be read and understood by humans. Given the speed at which an exploit becomes available once a vulnerability is known, and the frequency of occurrence of such vulnerabilities, manual human intervention is too slow and time-consuming, and may not be effective. We propose the design of a new vulnerability database which is oriented to be machine readable and processable rather than human oriented. This allows automated response to a vulnerability alert rather than relying on manual intervention of system administrators. With this approach, many kinds of automatic processing of alerts become feasible. We show the value of such a database by constructing a prototype sample scanner for Unix systems tailored for Linux RedHat and FreeBSD. We envisage that our work can help spur the development of far more effective vulnerability databases to benefit a wide-ranging user community.