Advanced Search
CS Search Google Search
Subscribers, please login

Published Articles >> Table of Contents >> Abstract

2004 International Symposium on Parallel Architectures, Algorithms and Networks (ISPAN'04)   p. 587
Arm up Administrators: Automated Vulnerability Management
H. T. Tian, University of Sci.&Tech. of China
L. S. Huang, University of Sci.&Tech. of China
Z. Zhou, University of Sci.&Tech. of China
Y. L. Luo, University of Sci.&Tech. of China
Full Article Text: Download PDF of full textBuy this articleGet full text from IEEE Xplore

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ISPAN.2004.1300542
Send link to a friend

Abstract
With the continuous flood of vulnerabilities of computers, vulnerability management is a very important task for administrators to keep systems as secure as possible. Facing numerous attackers armed with complicated, automated tools, current manual vulnerability management by administrators is so time-consuming, error-prone. Administrators also do need automated defensive tools. This paper proposes an open framework of automated vulnerability management that dramatically alleviates the burden of administrators and improves the security of systems. In this framework, we present three XML based markup languages, Common Vulnerability Markup Language (CVML), System Information Markup Language (SIML), Network System Markup Language (NSML) to express crucial information related to systems and vulnerabilities to facilitate automated exchange and processing. Host Vulnerability Managers (HVMs) running on the target host maintain the crucial system information in SIML, receive vulnerability advisories in CVML from various sources, decide what vulnerabilities exist, and try to fix vulnerabilities automatically if possible. Domain vulnerability managers (DVMs) are responsible for the vulnerability management in NSML of the local network. DVMs correlate reports from HVMs and scan for network-based vulnerabilities in this domain. We have implemented a prototype of the framework that shows the effectiveness and efficiency of our solution.
Additional Information

Citation:  H. T. Tian, L. S. Huang, Z. Zhou, Y. L. Luo, "Arm up Administrators: Automated Vulnerability Management," ispan, p. 587,  2004 International Symposium on Parallel Architectures, Algorithms and Networks (ISPAN'04),  2004

Similar Articles

Abstract Contents
Abstract
Citation

Download Citation
Ascii Text
BibTex
RefWorks
Procite/RefMan/Endnote




Free access to

  • Abstracts
  • Selected PDFs

Electronic subscribers login to:

  • Access HTML/PDFs of full text articles

Subscription information

Get a Web account

Peer Review Notice

Give us Feedback