Title :
Vulnerability profile for Linux
Author :
Wita, Ratsameetip ; Teng-amnuay, Yunyong
Author_Institution :
Dept. of Comput. Eng., Chulalongkorn Univ., Bangkok, Thailand
Abstract :
A system with efficient security tools is not secured if its operating system is vulnerable. Various security enhancements for operating systems provide different security levels and profiles. Administrators have to choose the appropriate level or profile of protection for their systems. Our work attempts to systematically quantify the level of vulnerability for operating systems with a profiling scheme based on the severity of the attack as listed in the CVE. Linux, due to its open source nature, is used as a case study. Vanilla Linux, Linux with hardening, and Linux with LSM enhancement, are profiled and compared.
Keywords :
Linux; classification; security of data; OS hardening; Vanilla Linux; security enhancement; vulnerability classification; vulnerability profiling scheme; Access control; Buffer overflow; Computer security; Data security; Information security; Linux; Operating systems; Power system security; Protection; Standards organizations; CVE; Linux; OS hardening; security enhancement; severity of attack; vulnerability classification; vulnerability profiling scheme;
Conference_Titel :
Advanced Information Networking and Applications, 2005. AINA 2005. 19th International Conference on
Print_ISBN :
0-7695-2249-1
DOI :
10.1109/AINA.2005.343
