A cross-site patch management model and architecture design for large scale heterogeneous environment

Many reports indicate that most of the damage caused by computer viruses and hackers' attacks is due to management problems. Computing environments that implement well-managed patch management processes with quick response mechanisms survive most serious attacks, such as the MyDoom and Sasser worm attacks in 2004. Medium or large enterprises usually have heterogeneous computing environments. For example, a company may use an Apache server on a Linux-based PC as its Internet Web server, use an IBM AIX machine running the IBM DB2 database system as a database server, and equip all employees with Windows-based PCs running Microsoft Office for their daily work. Employees might also work at many different locations. In the enterprise patch management (PM) market today, there are very few complete off-the-shelf solutions. We propose a systematic, efficient PM process model with a complete patch management activity process cycle and patching strategies. We also propose an automatic five-layer PM system application architecture that supports heterogeneous environments. The model, hopefully, makes the enterprise patch process more efficient and reduces the risks arising from patch management challenges.
