论文信息 - Centralized vulnerability database for organization specific automated vulnerabilities discovery and supervision

Centralized vulnerability database for organization specific automated vulnerabilities discovery and supervision

Software Vulnerabilities have been a major concern for enterprises for evaluating vulnerabilities of their software products. For assessing vulnerabilities there are various sites to look upon and search for exposures related to various software products. When vulnerability is detected and exposed on vulnerability database; discovery, analysis and redressal through manual intervention is too moderate, tedious and might not be viable. The purpose of this research is to suggest a method for creation of an effective process of gathering vulnerability information from various vulnerability databases, making it organization specific, classifying and ordering for easy accessibility to the system administrators. Integration of existing open vulnerabilities databases permits to build the likelihood of discovery of vulnerable software and hardware that are utilized as a part of software systems and enhance the quality of security analysis. This will ease the job of system administrator from scanning all vulnerability databases manually and save their time and effort.

[1] Robert Roedler,et al. Detection of Zero Day Exploits Using Real-Time Social Media Streams , 2015, NaBIC.

[2] Igor V. Kotenko,et al. Integrated Repository of Security Information for Network Security Evaluation , 2015, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[3] N.C. Rowe,et al. Automatically Building an Information-Security Vulnerability Database , 2006, 2006 IEEE Information Assurance Workshop.

[4] Mehran Bozorgi,et al. Beyond heuristics: learning to classify vulnerabilities and predict exploits , 2010, KDD.

[5] Markus Schumacher,et al. Data Mining in Vulnerability Databases , 2000 .

[6] Indrajit Ray,et al. Automated Extraction of Vulnerability Information for Home Computer Security , 2014, FPS.

[7] Timothy W. Finin,et al. Extracting Information about Security Vulnerabilities from Web Text , 2011, 2011 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology.