Colorado State University
Whyman, Paul Arthur.
Automatic endpoint vulnerability detection of Linux and open source using the National Vulnerability Database.
Degree: MS(M.S.), Computer Science, 2008, Colorado State University
A means to reduce security risks to a network of computers is to manage which computers can participate on a network, and control the participation of systems that do not conform to the security policy. Requiring systems to demonstrate their compliance with the policy can limit the risk of allowing noncompliant systems access to trusted networks. One aspect of determining the risk a system represents is patch level, a comparison between the availability of vendor security patches and their application on a system. A fully updated system has all available patches applied. Using patch level as a security policy metric, systems can evaluate as compliant, yet may still contain known vulnerabilities, representing real risks of exploitation. An alternative approach is a direct comparison of system software to public vulnerability reports contained in the National Vulnerability Database (NVD). This approach may produce a more accurate assessment of system risk for several reasons, including removing the delay caused by vendor patch development and analyzing system risk using vendor-independent vulnerability information. This work demonstrates empirically that current, fully patched systems contain numerous software vulnerabilities. This technique can apply to platforms other than those of Open Source origin. This alternative method, which compares system software components to lists of known software vulnerabilities, must reliably match system components to those listed as vulnerable. This match requires a precise identification of both the vulnerability and the software that the vulnerability affects. In the process of this analysis, significant issues arose within the NVD pertaining to the presentation of Open Source vulnerability information. Direct matching is not possible using the current information in the NVD.
Furthermore, these issues support the belief that the NVD is not an accurate data source for popular statistical comparisons between closed and open source software.
Advisors/Committee Members: Ray, Indrajit (advisor), Krawetz, Neal (committee member), Whitley, L. Darrell (committee member), Hayne, Stephen (committee member).
Subjects/Keywords: Open source software; Computer security
APA (6th Edition):
Whyman, P. A. (2008). Automatic endpoint vulnerability detection of Linux and open source using the National Vulnerability Database. (Masters Thesis). Colorado State University. Retrieved from http://hdl.handle.net/10217/80811