Back to Search Start Over

An OVAL-based active vulnerability assessment system for enterprise computer networks.

Authors :
Xiuzhen Chen
Qinghua Zheng
Xiaohong Guan
Source :
Information Systems Frontiers; Dec2008, Vol. 10 Issue 5, p573-588, 16p, 2 Black and White Photographs, 7 Diagrams, 8 Charts, 2 Graphs
Publication Year :
2008

Abstract

Many security problems are caused by vulnerabilities hidden in enterprise computer networks. It is very important for system administrators to have knowledge about the security vulnerabilities. However, current vulnerability assessment methods may encounter the issues of high false positive rates, long computational time, and requirement of developing attack codes. Moreover, they are only capable of locating individual vulnerabilities on a single host without considering correlated effect of these vulnerabilities on a host or a section of network with the vulnerabilities possibly distributed among different hosts. To address these issues, an active vulnerability assessment system NetScope with C/S architecture is developed for evaluating computer network security based on open vulnerability assessment language instead of simulating attacks. The vulnerabilities and known attacks with their prerequisites and consequences are modeled based on predicate logic theory and are correlated so as to automatically construct potential attack paths with strong operation power of relational database management system. The testing results from a series of experiments show that this system has the advantages of a low false positive rate, short running periods, and little impact on the performance of audited systems and good scalability. The security vulnerabilities, undetectable if assessed individually in a network, are discovered without the need to simulate attacks. It is shown that the NetScope system is well suited for vulnerability assessment of large-scale computer networks such as campus networks and enterprise networks. Moreover, it can also be easily integrated with other security tools based on relational databases. [ABSTRACT FROM AUTHOR]

Details

Language :
English
ISSN :
13873326
Volume :
10
Issue :
5
Database :
Complementary Index
Journal :
Information Systems Frontiers
Publication Type :
Academic Journal
Accession number :
34483421
Full Text :
https://doi.org/10.1007/s10796-008-9111-6