Authors: Alderman, Ian D.
Parter, David W.
Rubin, Shai
Vernon, Mary K.
Title: Foundations for Intrusion Prevention
Language (ISO): en
Abstract: We propose an infrastructure that helps a system administrator to identify a newly published vulnerability on the site hosts and to evaluate the vulnerability’s threat with respect to the administrator’s security priorities. The infrastructure foundation is the vulnerability semantics, a small set of attributes for vulnerability definition. We demonstrate that with a few attributes it is possible to define the majority of the known vulnerabilities in a way that (i) facilitates their accurate identification, and (ii) enables the administrator to rank the vulnerabilities found according to the organization’s security priorities. A large scale experiment demonstrates that our infrastructure can find significant vulnerabilities even in a site with a high security awareness.
Subject Headings: Intrusion Prevention
URI: http://hdl.handle.net/2003/22840
http://dx.doi.org/10.17877/DE290R-14462
Issue Date: 2004-07
Publisher: Gesellschaft für Informatik
Citation: Rubin, Shai; Alderman, Ian D.; Parter, David W.; Vernon, Mary K.: Foundations for Intrusion Prevention. In Flegel, U.; Meier, M. (Eds.): Proc. of the International GI Workshop on Detection of Intrusions and Malware & Vulnerability Assessment, number P-46 in Lecture Notes in Informatics, pp. 143-160, Dortmund, Germany, July 2004, Köllen Verlag; ISBN 3-88579-365-X.
Is part of: DIMVA 2004, July 6-7, Dortmund, Germany
Appears in Collections:Papers

Files in This Item:
File Description SizeFormat 
DIMVA2004-Rubin_et_al.pdf464.47 kBAdobe PDFView/Open


This item is protected by original copyright



All resources in the repository are protected by copyright.