|Authors:||Alderman, Ian D.|
Parter, David W.
Vernon, Mary K.
|Title:||Foundations for Intrusion Prevention|
|Abstract:||We propose an infrastructure that helps a system administrator to identify a newly published vulnerability on the site hosts and to evaluate the vulnerability’s threat with respect to the administrator’s security priorities. The infrastructure foundation is the vulnerability semantics, a small set of attributes for vulnerability definition. We demonstrate that with a few attributes it is possible to define the majority of the known vulnerabilities in a way that (i) facilitates their accurate identification, and (ii) enables the administrator to rank the vulnerabilities found according to the organization’s security priorities. A large scale experiment demonstrates that our infrastructure can find significant vulnerabilities even in a site with a high security awareness.|
|Subject Headings:||Intrusion Prevention|
|Provenance:||Gesellschaft für Informatik|
|Citation:||Rubin, Shai; Alderman, Ian D.; Parter, David W.; Vernon, Mary K.: Foundations for Intrusion Prevention. In Flegel, U.; Meier, M. (Eds.): Proc. of the International GI Workshop on Detection of Intrusions and Malware & Vulnerability Assessment, number P-46 in Lecture Notes in Informatics, pp. 143-160, Dortmund, Germany, July 2004, Köllen Verlag; ISBN 3-88579-365-X.|
|Is part of:||DIMVA 2004, July 6-7, Dortmund, Germany|
|Appears in Collections:||Papers|
Files in This Item:
|DIMVA2004-Rubin_et_al.pdf||464.47 kB||Adobe PDF||View/Open|
This item is protected by original copyright
Items in Eldorado are protected by copyright, with all rights reserved, unless otherwise indicated.