Improving present security through the detection of past hidden vulnerable states

Author

Barrere, Martin ; Badonnel, Remi ; Festor, Olivier

Author_Institution

LORIA, INRIA Nancy Grand Est, Nancy, France

fYear

2013

fDate

27-31 May 2013

Firstpage

471

Lastpage

477

Abstract

Vulnerability assessment activities usually analyze new security advisories over current running systems. However, a system compromised in the past by a vulnerability unknown at that moment may still constitute a potential security threat in the present. Accordingly, past unknown system exposures are required to be taken into account. We present in this paper a novel approach for increasing the overall security of computing systems by identifying past hidden vulnerable states. In that context, we propose a modeling for detecting unknown past system exposures as well as an OVAL-based distributed framework for autonomously gathering network devices information and automatically analyzing their past security exposure. We also describe an implementation prototype and evaluate its performance through an extensive set of experiments.

Keywords

distributed processing; security of data; OVAL-based distributed framework; autonomous network device information gathering; overall computing systems security; past hidden vulnerable state detection; past security exposure analysis; security advisories; security improvement; security threat; vulnerability assessment activities; Computer architecture; Data collection; Forensics; Mathematical model; Performance evaluation; Prototypes; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Integrated Network Management (IM 2013), 2013 IFIP/IEEE International Symposium on

Conference_Location

Ghent

Print_ISBN

978-1-4673-5229-1

Type

conf

Filename

6573020