Repository logo
 

Automatic endpoint vulnerability detection of Linux and open source using the National Vulnerability Database

dc.contributor.authorWhyman, Paul Arthur, author
dc.contributor.authorRay, Indrajit, advisor
dc.contributor.authorKrawetz, Neal, committee member
dc.contributor.authorWhitley, L. Darrell, committee member
dc.contributor.authorHayne, Stephen, committee member
dc.date.accessioned2007-01-03T06:01:37Z
dc.date.available2007-01-03T06:01:37Z
dc.date.issued2008
dc.description.abstractA means to reduce security risks to a network of computers is to manage which computers can participate on a network, and control the participation of systems that do not conform to the security policy. Requiring systems to demonstrate their compliance to the policy can limit the risk of allowing uncompiling systems access to trusted networks. One aspect of determining the risk a system represents is patch-level, a comparison between the availability of vendor security patches and their application on a system. A fully updated system has all available patches applied. Using patch level as a security policy metric, systems can evaluate as compliant, yet may still contain known vulnerabilities, representing real risks of exploitation. An alternative approach is a direct comparison of system software to public vulnerability reports contained in the National Vulnerability Database (NVD). This approach may produce a more accurate assessment of system risk for several reasons including removing the delay caused by vendor patch development and by analyzing system risk using vender-independent vulnerability information. This work demonstrates empirically that current, fully patched systems contain numerous software vulnerabilities. This technique can apply to platforms other than those of Open Source origin. This alternative method, which compares system software components to lists of known software vulnerabilities, must reliably match system components to those listed as vulnerable. This match requires a precise identification of both the vulnerability and the software that the vulnerability affects. In the process of this analysis, significant issues arose within the NVD pertaining to the presentation of Open Source vulnerability information. Direct matching is not possible using the current information in the NVD. Furthermore, these issues support the belief that the NVD is not an accurate data source for popular statistical comparisons between closed and open source software.
dc.format.mediummasters theses
dc.identifier2008_Summer_Whyman_Paul.pdf
dc.identifierETDF2008400015COMS
dc.identifier.urihttp://hdl.handle.net/10217/80811
dc.languageEnglish
dc.language.isoeng
dc.publisherColorado State University. Libraries
dc.relationCatalog record number (MMS ID): 991009478099703361
dc.relationTK5105.59.W595 2008
dc.relation.ispartof2000-2019
dc.rightsCopyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright.
dc.subjectOpen source software
dc.subjectComputer security
dc.titleAutomatic endpoint vulnerability detection of Linux and open source using the National Vulnerability Database
dc.typeText
dcterms.rights.dplaThis Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).
thesis.degree.disciplineComputer Science
thesis.degree.grantorColorado State University
thesis.degree.levelMasters
thesis.degree.nameMaster of Science (M.S.)

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
2008_Summer_Whyman_Paul.pdf
Size:
1.91 MB
Format:
Adobe Portable Document Format
Description: