Authors: Alderman, Ian D.
Parter, David W.
Rubin, Shai
Vernon, Mary K.
Title: Foundations for Intrusion Prevention
Language (ISO): en
Abstract: We propose an infrastructure that helps a system administrator to identify a newly published vulnerability on the site hosts and to evaluate the vulnerability’s threat with respect to the administrator’s security priorities. The infrastructure foundation is the vulnerability semantics, a small set of attributes for vulnerability definition. We demonstrate that with a few attributes it is possible to define the majority of the known vulnerabilities in a way that (i) facilitates their accurate identification, and (ii) enables the administrator to rank the vulnerabilities found according to the organization’s security priorities. A large scale experiment demonstrates that our infrastructure can find significant vulnerabilities even in a site with a high security awareness.
Subject Headings: Intrusion Prevention
Issue Date: 2004-07
Provenance: Gesellschaft für Informatik
Citation: Rubin, Shai; Alderman, Ian D.; Parter, David W.; Vernon, Mary K.: Foundations for Intrusion Prevention. In Flegel, U.; Meier, M. (Eds.): Proc. of the International GI Workshop on Detection of Intrusions and Malware & Vulnerability Assessment, number P-46 in Lecture Notes in Informatics, pp. 143-160, Dortmund, Germany, July 2004, Köllen Verlag; ISBN 3-88579-365-X.
Is part of: DIMVA 2004, July 6-7, Dortmund, Germany
Appears in Collections:Papers

Files in This Item:
File Description SizeFormat 
DIMVA2004-Rubin_et_al.pdf464.47 kBAdobe PDFView/Open

This item is protected by original copyright

Items in Eldorado are protected by copyright, with all rights reserved, unless otherwise indicated.