ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술지 PKG-VUL: Security Vulnerability Evaluation and Patch Framework for Package-Based Systems
Cited 8 time in scopus Download 1 time Share share facebook twitter linkedin kakaostory
저자
이종혁, 손선경, 장범환, 정태명
발행일
200910
출처
ETRI Journal, v.31 no.5, pp.554-564
ISSN
1225-6463
출판사
한국전자통신연구원 (ETRI)
DOI
https://dx.doi.org/10.4218/etrij.09.0108.0578
협약과제
09MS2700, AII-IP 환경의 지능형 사이버 공격 감시 및 추적 시스템 개발, 나중찬
초록
In information security and network management, attacks based on vulnerabilities have grown in importance. Malicious attackers break into hosts using a variety of techniques. The most common method is to exploit known vulnerabilities. Although patches have long been available for vulnerabilities, system administrators have enerally been reluctant to patch their hosts immediately because they perceive the patches to be annoying and complex. To solve these problems, we propose a security vulnerability evaluation and patch framework called PKG-VUL, which evaluates the software installed on hosts to decide whether the hosts are vulnerable and then applies patches to vulnerable hosts. All these operations are accomplished by the widely used simple network management protocol (SNMP). Therefore, system administrators can easily manage their vulnerable hosts through PKG-VUL included in the SNMP-based network management systems as a module. The evaluation results demonstrate the applicability of PKG-VUL and its performance in terms of devised criteria.
키워드
Patch, PKG-MIB, PKG-VLU, Security vulnerability evaluation, SNMP, Ubuntu
KSP 제안 키워드
Management system, Security vulnerabilities, Simple Network Management Protocol(SNMP), Vulnerability evaluation, based system, information Security