Abstract | ||
---|---|---|
Computer and network systems are consistently exposed to security threats, making their management even more complex. The management of known vulnerabilities plays a crucial role for ensuring their safe configurations and preventing security attacks. However, this activity should not generate new vulnerable states. In this paper we present a novel approach for autonomously assessing and remediating vulnerabilities. We describe a detailed mathematical model that supports this activity and we formalize the remediation decision process as a SAT problem. We present a framework that is able to assess OVAL vulnerability descriptions and perform corrective actions by using XCCDF-based descriptions of future machine states and the NETCONF protocol. We also provide details of our implementation and evaluate its feasibility through a comprehensive set of experiments. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1109/NOMS.2014.6838309 | Network Operations and Management Symposium |
Keywords | Field | DocType |
computability,computer network security,protocols,NETCONF protocol,OVAL vulnerability descriptions,SAT-based autonomous strategy,XCCDF-based descriptions,computer systems,network systems,remediation decision process,satisfiability,security attacks preveniont,security threats,security vulnerability management | Vulnerability (computing),Security through obscurity,Computer science,Computer security,Security service,Vulnerability management,Security information and event management,Countermeasure (computer),Network management,Computer security model,Distributed computing | Conference |
ISSN | Citations | PageRank |
1542-1201 | 4 | 0.44 |
References | Authors | |
12 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Barrére, M. | 1 | 4 | 0.44 |
Remi Badonnel | 2 | 154 | 22.43 |
Olivier Festor | 3 | 665 | 85.40 |
Martin Barrere | 4 | 4 | 0.44 |