By Topic

Arm up administrators: automated vulnerability management

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
H. T. Tian ; Dept. of Comput. Sci., Univ. of Sci. & Technol. of China, Hefei, China ; L. S. Huang ; Z. Zhou ; Y. L. Luo

With the continuous flood of vulnerabilities of computers, vulnerability management is a very important task for administrators to keep systems as secure as possible. Facing numerous attackers armed with complicated, automated tools, current manual vulnerability management by administrators is so time-consuming, error-prone. Administrators also do need automated defensive tools. This paper proposes an open framework of automated vulnerability management that dramatically alleviates the burden of administrators and improves the security of systems. In this framework, we present three XML based markup languages, Common Vulnerability Markup Language (CVML), System Information Markup Language (SIML), Network System Markup Language (NSML) to express crucial information related to systems and vulnerabilities to facilitate automated exchange and processing. Host vulnerability managers (HVMs) running on the target host maintain the crucial system information in SIML, receive vulnerability advisories in CVML from various sources, decide what vulnerabilities exist, and try to fix vulnerabilities automatically if possible. Domain vulnerability managers (DVMs) are responsible for the vulnerability management in NSML of the local network. DVMs correlate reports from HVMs and scan for network-based vulnerabilities in this domain. We have implemented a prototype of the framework that shows the effectiveness and efficiency of our solution.

Published in:

Parallel Architectures, Algorithms and Networks, 2004. Proceedings. 7th International Symposium on

Date of Conference:

10-12 May 2004