A host deployed vulnerability assessment system based on OVAL

Author

Zheng, Jiong ; Zhang, Xiao-Song ; Pan, Xiao-hui

Author_Institution

Sch. of Comput. Sci. & Eng., Univ. of Electron. Sci. & Technol. of China, Chengdu, China

Volume

2

fYear

2010

fDate

22-24 Oct. 2010

Abstract

Vulnerability is a weakness which allow attacker to reduce a system´s information assurance. Many security problems are caused by vulnerabilities. Part of them can be identified and assessed in virtue of vulnerability assessment tools. However, current vulnerability assessments involve in some drawbacks, such as high false positive rate, long assessing time and requirement of attack codes. Aiming at the problems above, we proposed a vulnerability assessment system based on OVAL (Open Vulnerability Assessment Language). And we optimize the assess method of OVAL definitions. Compared with traditional assessment system, and proved by our experiments it is of high accuracy, low assessing time as a result of host-deployed and OVAL.

Keywords

security of data; Open Vulnerability Assessment Language; host deployed vulnerability assessment system; security problem; system information assurance; Databases; Educational institutions; network security; open vulnerability assessment language; vulnerability assessment;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Application and System Modeling (ICCASM), 2010 International Conference on

Conference_Location

Taiyuan

Print_ISBN

978-1-4244-7235-2

Electronic_ISBN

978-1-4244-7237-6

Type

conf

DOI

10.1109/ICCASM.2010.5620117

Filename

5620117