Gesellschaft für Informatik e.V.

Lecture Notes in Informatics


Detection of Intrusions and Malware & Vulnerability Assessment, GI SIG SIDAR Workshop, DIMVA 2004, Dortmund, Germany, July 6-7, 2004. P-46, 143-160 (2004).

GI, Gesellschaft für Informatik, Bonn
2004


Editors

Ulrich Flegel, Michael Meier (eds.)


Copyright © GI, Gesellschaft für Informatik, Bonn

Contents

Foundations for intrusion prevention

Rubin Shai, Ian D. Alderman, David W. Parter and Mary K. Vernon

Abstract


We propose an infrastructure that helps a system administrator to identify a newly published vulnerability on the site hosts and to evaluate the vulnerability's threat with respect to the administrator's security priorities. The infrastructure foundation is the vulnerability semantics, a small set of attributes for vulnerability definition. We demonstrate that with a few attributes it is possible to define the majority of the known vulnerabilities in a way that (i) facilitates their accurate identification, and (ii) enables the administrator to rank the vulnerabilities found according to the organization's security priorities. A large-scale experiment demonstrates that our infrastructure can find significant vulnerabilities even in a site with high security awareness.



GI, Gesellschaft für Informatik, Bonn
ISBN 3-88579-375-X


Last changed 24.01.2012 21:45:58