• DocumentCode
    433504
  • Title

    Vulnerability profile for Linux

  • Author

    Wita, Ratsameetip ; Teng-amnuay, Yunyong

  • Author_Institution
    Dept. of Comput. Eng., Chulalongkorn Univ., Bangkok, Thailand
  • Volume
    1
  • fYear
    2005
  • fDate
    28-30 March 2005
  • Firstpage
    953
  • Abstract
    A system with efficient security tools is not secured if its operating system is vulnerable. Various security enhancements for operating systems provide different security levels and profiles. Administrators have to choose the appropriate level or profile of protection for their systems. Our work attempts to systematically quantify the level of vulnerability for operating systems with a profiling scheme based on the severity of the attack as listed in the CVE. Linux, due to its open source nature, is used as a case study. Vanilla Linux, Linux with hardening, and Linux with LSM enhancement, are profiled and compared.
  • Keywords
    Linux; classification; security of data; OS hardening; Vanilla Linux; security enhancement; vulnerability classification; vulnerability profiling scheme; Access control; Buffer overflow; Computer security; Data security; Information security; Linux; Operating systems; Power system security; Protection; Standards organizations; CVE; Linux; OS hardening; security enhancement; severity of attack; vulnerability classification; vulnerability profiling scheme;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Information Networking and Applications, 2005. AINA 2005. 19th International Conference on
  • ISSN
    1550-445X
  • Print_ISBN
    0-7695-2249-1
  • Type

    conf

  • DOI
    10.1109/AINA.2005.343
  • Filename
    1423610
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=433504