{"title":"漏洞验证协同管理的众包平台","authors":"Hung-Jen Su, Jen-Yi Pan","doi":"10.1109/APNOMS.2016.7737235","DOIUrl":null,"url":null,"abstract":"In recent years, vulnerability collection platforms become an important part to facilitate development of information security. Usually, platform administrators collect and ratify vulnerability information, which white hat hackers report at first hand, and users hence know which applications have doubts via vulnerability reports published on the platform. However, there are still few reported but unverified vulnerabilities, which may be caused from scarcity of testing targets and limitation of man power. These vulnerabilities might agitate those users who have related applications. This study initiates crowdsourcing to vulnerability collection platforms. The proposed platform collaborates administrators with two new added roles, script writers and target providers, aiming at vulnerability verification. In addition we design two agents, the test scheduler and the log collector, to automatically arrange test cases and collect logs, respectively. With properly scoring on task assignment, these crowd sources can effectively and efficiently collaborate on verification of timely and severe vulnerabilities. Hence this platform can speed up the progress of vulnerability assessment in information security.","PeriodicalId":194123,"journal":{"name":"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Crowdsourcing platform for collaboration management in vulnerability verification\",\"authors\":\"Hung-Jen Su, Jen-Yi Pan\",\"doi\":\"10.1109/APNOMS.2016.7737235\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, vulnerability collection platforms become an important part to facilitate development of information security. Usually, platform administrators collect and ratify vulnerability information, which white hat hackers report at first hand, and users hence know which applications have doubts via vulnerability reports published on the platform. However, there are still few reported but unverified vulnerabilities, which may be caused from scarcity of testing targets and limitation of man power. These vulnerabilities might agitate those users who have related applications. This study initiates crowdsourcing to vulnerability collection platforms. The proposed platform collaborates administrators with two new added roles, script writers and target providers, aiming at vulnerability verification. In addition we design two agents, the test scheduler and the log collector, to automatically arrange test cases and collect logs, respectively. With properly scoring on task assignment, these crowd sources can effectively and efficiently collaborate on verification of timely and severe vulnerabilities. Hence this platform can speed up the progress of vulnerability assessment in information security.\",\"PeriodicalId\":194123,\"journal\":{\"name\":\"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/APNOMS.2016.7737235\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APNOMS.2016.7737235","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Crowdsourcing platform for collaboration management in vulnerability verification
In recent years, vulnerability collection platforms become an important part to facilitate development of information security. Usually, platform administrators collect and ratify vulnerability information, which white hat hackers report at first hand, and users hence know which applications have doubts via vulnerability reports published on the platform. However, there are still few reported but unverified vulnerabilities, which may be caused from scarcity of testing targets and limitation of man power. These vulnerabilities might agitate those users who have related applications. This study initiates crowdsourcing to vulnerability collection platforms. The proposed platform collaborates administrators with two new added roles, script writers and target providers, aiming at vulnerability verification. In addition we design two agents, the test scheduler and the log collector, to automatically arrange test cases and collect logs, respectively. With properly scoring on task assignment, these crowd sources can effectively and efficiently collaborate on verification of timely and severe vulnerabilities. Hence this platform can speed up the progress of vulnerability assessment in information security.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
