Open AccessPKG‐VUL: Security Vulnerability Evaluation and Patch Framework for Package‐Based Systems
Author(s) -
Lee JongHyouk,
Sohn SeonGyoung,
Chang BeomHwan,
Chung TaiMyoung
Publication year - 2009
Publication title -
etri journal
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.295
H-Index - 46
eISSN - 2233-7326
pISSN - 1225-6463
DOI - 10.4218/etrij.09.0108.0578
Subject(s) - vulnerability (computing) , vulnerability management , simple network management protocol , exploit , variety (cybernetics) , computer science , network management , network security , computer security , host (biology) , protocol (science) , software , vulnerability assessment , networking hardware , computer network , biology , artificial intelligence , operating system , ecology , psychology , medicine , alternative medicine , pathology , psychological resilience , psychotherapist
In information security and network management, attacks based on vulnerabilities have grown in importance. Malicious attackers break into hosts using a variety of techniques. The most common method is to exploit known vulnerabilities. Although patches have long been available for vulnerabilities, system administrators have generally been reluctant to patch their hosts immediately because they perceive the patches to be annoying and complex. To solve these problems, we propose a security vulnerability evaluation and patch framework called PKG‐VUL, which evaluates the software installed on hosts to decide whether the hosts are vulnerable and then applies patches to vulnerable hosts. All these operations are accomplished by the widely used simple network management protocol (SNMP). Therefore, system administrators can easily manage their vulnerable hosts through PKG‐VUL included in the SNMP‐based network management systems as a module. The evaluation results demonstrate the applicability of PKG‐VUL and its performance in terms of devised criteria.