A requires/provides model for computer attacks
Proceedings of the 2000 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
The Vision of Autonomic Computing
Computer
ICAS-ICNS '05 Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services
MulVAL: a logic-based network security analyzer
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Enabling Self-Configuration in Autonomic Systems Using Case-Based Reasoning with Improved Efficiency
ICAS '08 Proceedings of the Fourth International Conference on Autonomic and Autonomous Systems
ACML: Capability Based Attack Modeling Language
IAS '08 Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security
Dynamic dependencies and performance improvement
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
Improving IT Change Management Processes with Automated Risk Assessment
DSOM '09 Proceedings of the 20th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Integrated Management of Systems, Services, Processes and People in IT
Vulnerability Management
TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Change Priority Determination in IT Service Management Based on Risk Exposure
IEEE Transactions on Network and Service Management
Collaborative remediation of configuration vulnerabilities in autonomic networks and systems
Proceedings of the 8th International Conference on Network and Service Management
Hi-index | 0.00 |
Changes that are operated by autonomic networks and systems may generate vulnerabilities and increase the exposure to security attacks. We present in this paper a new approach for increasing vulnerability awareness in such self-managed environments. Our objective is to enable autonomic networks to take advantage of the knowledge provided by vulnerability descriptions in order to maintain safe configurations. In that context, we propose a modeling and an architecture for automatically translating these descriptions into policy rules that are interpretable by an autonomic configuration system. We also describe an implementation prototype and evaluate its performance through an extensive set of experiments.