Software Vulnerability Analysis Using CPE and CVE
نویسندگان
چکیده
In this paper, we analyze the Common Platform Enumeration (CPE) dictionary and the Common Vulnerabilities and Exposures (CVE) feeds. These repositories are widely used in Vulnerability Management Systems (VMSs) to check for known vulnerabilities in software products. The analysis shows, among other issues, a lack of synchronization between both datasets that can lead to incorrect results output by VMSs relying on those datasets. To deal with these problems, we developed a method that recommends to a user a prioritized list of CPE identifiers for a given software product. The user can then assign (and, if necessary, adapt) the most suitable CPE identifier to the software so that regular (e.g., daily) checks can find known vulnerabilities for this software in the CVE feeds. Our evaluation of this method shows that this interaction is indeed necessary because a fully automated CPE assignment is prone to errors due to the CPE and CVE shortcomings. We implemented an open-source VMS that employs the proposed method and published it on GitHub.
منابع مشابه
Beyond Internet Scanning: Banner Processing for Passive Software Vulnerability Assessment
Nowadays, the increasing number of devices and services that require a direct Internet access, creates new security challenges. These challenges need to meet user feature-based requirements with the companies’ restrictive security policies. Therefore, security administrators need to adopt novel tools in order to quickly and non-intrusively verify the degree of exposure of Internet-facing servic...
متن کاملEffects of Community-Based Paid Extension on Reducing Vulnerability of Smallholder Dairy Farmers of Southwest Bangladesh
The study investigated the effect of Community-Based Paid Extension (CPE) on vulnerability reduction of smallholder dairy farmers. Randomly sampled 255 farmers were interviewed together with 15 key informants’ interview. Both statistical analysis and thematic approach were employed to achieve triangulation. In about 68 % of cases, CPE reduced vulnerability to a degree experienced as ‘moderate’,...
متن کاملThe Development of a Common Vulnerability Enumeration
This paper traces the development of a Common Enumeration of Vulnerabilities and Exposures (CVE) that standardizes and lists vulnerabilities and security exposures to facilitate data sharing and comparison across computer vulnerability databases, such as those produced by security tools and academic research. The MITRE Corporation is building a syste m that can integrate and manage vulnerabilit...
متن کاملSecurity Content Metadata Model with an Efficient Search Methodology for Real Time Monitoring and Threat Intelligence
The Security Content Automation Protocol (SCAP) federates a number of open standards that are used to enumerate software flaws and configuration issues related to security. They measure systems to find vulnerabilities and offer methods to score those findings in order to evaluate the possible impact. There are a number of SCAP components such as Common Vulnerabilities and Exposures (CVE), Commo...
متن کاملAn Ontology-based Approach to Model Common Vulnerabilities and Exposures in Information Security
Machine understandable security vulnerabilities are in need for security content automation [2]. Common Vulnerabilities and Exposures (CVE) is an industry standard of common names for publicly known information security vulnerabilities, and has been widely adopted by organizations to provide better coverage, easier interoperability, and enhanced security [1]. In this paper, we focus our researc...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1705.05347 شماره
صفحات -
تاریخ انتشار 2017