109

urn:lsid:arphahub.com:pub:3dc5f44e-8666-58db-bc76-a455210e8891

JUCS - Journal of Universal Computer Science

jucs

0948-695X 0948-6968

Journal of Universal Computer Science

10.3217/jucs-025-09-1043

22645

Research Article

H.3.1 - Content Analysis and Indexing H.3.2 - Information Storage H.3.3 - Information Search and Retrieval H.3.7 - Digital Libraries H.5.1 - Multimedia Information Systems

Determination of System Weaknesses Based on the Analysis of Vulnerability Indexes and the Source Code of Exploits

Fedorchenko

Andrey

fedorchenko@comsec.spb.ru 1 Doynikova

Elena

1 Kotenko

Igor

St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, St. Petersburg, Russia

St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences

St. Petersburg

Russia

Corresponding author: Andrey Fedorchenko (fedorchenko@comsec.spb.ru).

Academic editor:

2019

28 09 2019

25 9 1043 1065 D1D5983B-55DB-5F20-B3E3-F54DFE3AD0D7 4840882 16 01 2019 09 07 2019

Andrey Fedorchenko, Elena Doynikova, Igor Kotenko

This article is freely available under the J.UCS Open Content License.

Abstract

Currently the problem of monitoring the security of information systems is highly relevant. One of the important security monitoring tasks is to automate the process of determination of the system weaknesses for their further elimination. The paper considers the techniques for analysis of vulnerability indexes and exploit source code, as well as their subsequent classification. The suggested approach uses open security sources and incorporates two techniques, depending on the available security data. The first technique is based on the analysis of publicly available vulnerability indexes of the Common Vulnerability Scoring System for vulnerability classification by weaknesses. The second one complements the first one in case if there are exploits but there are no associated vulnerabilities and therefore the indexes for classification are absent. It is based on the analysis of the exploit source code for the features, i.e. indexes, using graph models. The extracted indexes are further used for weakness determination using the first technique. The paper provides the experiments demonstrating an effectiveness and potential of the developed techniques. The obtained results and the methods for their enhancement are discussed.