JUCS - Journal of Universal Computer Science 25(9): 1043-1065, doi: 10.3217/jucs-025-09-1043
Determination of System Weaknesses Based on the Analysis of Vulnerability Indexes and the Source Code of Exploits
expand article infoAndrey Fedorchenko, Elena Doynikova, Igor Kotenko
‡ St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, St. Petersburg, Russia
Open Access
Currently the problem of monitoring the security of information systems is highly relevant. One of the important security monitoring tasks is to automate the process of determination of the system weaknesses for their further elimination. The paper considers the techniques for analysis of vulnerability indexes and exploit source code, as well as their subsequent classification. The suggested approach uses open security sources and incorporates two techniques, depending on the available security data. The first technique is based on the analysis of publicly available vulnerability indexes of the Common Vulnerability Scoring System for vulnerability classification by weaknesses. The second one complements the first one in case if there are exploits but there are no associated vulnerabilities and therefore the indexes for classification are absent. It is based on the analysis of the exploit source code for the features, i.e. indexes, using graph models. The extracted indexes are further used for weakness determination using the first technique. The paper provides the experiments demonstrating an effectiveness and potential of the developed techniques. The obtained results and the methods for their enhancement are discussed.
vulnerability analysis, exploit analysis, vulnerability metrics, abstract semantic graphs, data mining, data classification, open security data sources, security monitoring