A Host Deployed Vulnerability Assessment System Based On OVAL
Vulnerability is a weakness which allow attacker to reduce a systems information assurance. Many security problems are caused by vulnerabilities. Part of them can be identified and assessed in virtue of vulnerability assessment tools. However, current vulnerability assessments involve in some drawbacks, such as high false positive rate, long assessing time and requirement of attack codes. Aiming at the problems above, we proposed a vulnerability assessment system based on OVAL (Open Vulnerability Assessment Language). And we optimize the assess method of OVAL definitions. Compared with traditional assessment system, and proved by our experiments it is of high accuracy, low assessing time as a result of host-deployed and OVAL.
network security vulnerability assessment open vulnerability assessment language
Jiong Zheng Xiao-song Zhang Xiao-hui Pan
School of Computer Science & Engineering University of Electronic Science and Technology of China Chengdu 611731, China
国际会议
太原
英文
123-126
2010-10-22(万方平台首次上网日期,不代表论文的发表时间)