Publication details

Home Publications Publication details

Architectural specifications and design for an automated vulnerability resolver
Alayed A, Furnell SM, Zhao D, Barlow I, Tomlinson M
Proceedings of the Fourth International Network Conference (INC 2004), Plymouth, UK, 6-9 July 2004, pp303-310, 2004
Download links:  Download PDF

Vulnerability management represents an essential task for the IT administrators, in order to safeguard systems against exploitation by attackers and malicious software. However, the management task is non-trivial, as a result of an increasing number of vulnerabilities and the workload implications associated with reading the incoming advisories and acting upon the resulting information. As a step towards addressing the problem, this paper presents the architectural design of an automated vulnerability resolver, which is designed to provide a vendor-independent means of vulnerability notification and rectification for system administrators. The architecture enables incoming advisory messages, from multiple sources, to be filtered and prioritised according the specific requirements of the target environment, and then provides an automated facility by which any associated patches can be obtained and deployed to affected systems. The paper describes the key elements of the architecture, and illustrates the viability by means of a prototype system.

Alayed A, Furnell SM, Zhao D, Barlow I, Tomlinson M