Arm up administrators: automated vulnerability management

H. Tian, Liusheng Huang, Zhi Zhou, Yonglong Luo
Venue: 7th International Symposium on Parallel Architectures, Algorithms and Networks, 2004. Proceedings.
Published: 2004-05-10
DOI: 10.1109/ISPAN.2004.1300542 (https://doi.org/10.1109/ISPAN.2004.1300542)
Citations: 11

Abstract

With the continuous flood of computer vulnerabilities, vulnerability management is a very important task for administrators who must keep systems as secure as possible. Facing numerous attackers armed with complicated, automated tools, current manual vulnerability management by administrators is time-consuming and error-prone. Administrators also need automated defensive tools. This paper proposes an open framework of automated vulnerability management that dramatically alleviates the burden of administrators and improves the security of systems. In this framework, we present three XML-based markup languages, Common Vulnerability Markup Language (CVML), System Information Markup Language (SIML), and Network System Markup Language (NSML), to express crucial information related to systems and vulnerabilities and to facilitate automated exchange and processing. Host vulnerability managers (HVMs) running on the target host maintain the crucial system information in SIML, receive vulnerability advisories in CVML from various sources, decide what vulnerabilities exist, and try to fix vulnerabilities automatically if possible. Domain vulnerability managers (DVMs) are responsible for the vulnerability management in NSML of the local network. DVMs correlate reports from HVMs and scan for network-based vulnerabilities in this domain. We have implemented a prototype of the framework that shows the effectiveness and efficiency of our solution.