역시 뭐니뭐니 해도 내 분야의 책과 웹 article 들을 많이 읽고, 많이 써보는 수 밖에는 없다.
오늘 당장 영어로 취약점 report 를 써야만 한다면...
- #1. 보안쪽으로 읽을만한 material 들은 securityfocus, ZDNET 만 가도 넘쳐난다. 여기 글들을 참조하자. 10개 정도 글만 읽으면 보안관련 용어를 몰라서 용어를 창조해 내는 일은 없어질 것이다.
- #2. 취약점 DB (CVE: http://cve.mitre.org) 에 올라온 취약점 description, 해결방안들만 몇번 읽어도 사실 영어로 취약점 reporting 하는 것은 전혀 문제 될 것이 없으리라.
잡설:
예전에는 bugtraq 에 올라오는 글들, CVE 에 올라오는 글들, 각종 취약점 scanner 에서 reporting 하는 취약점의 description 들이 각각 다르고, category 명명하는 방법도 다 달라서 표준이 없었는데,
OVAL 이라는 표준 schema 까지 나와버렸다 ^^;;;
오죽 했으면 이런 논문이 저널에 따끈따끈하게 실렸으랴. 보면서 웃음이 터져나오면서도 "야 참 아이디어 기발하다 정말 틈새를 노린 논문이다" 라는 생각을 했다.
Computers and Security Journal
Standardising Vulnerability Categories
H.S. Venter, J.H.P. Eloff, Y.L. Li
Information and Computer Security Architectures (ICSA) Research Group
Department of Computer Science, University of Pretoria, Lynnwood Road, Pretoria, 0002, South Africa
Email: lillian@tuks.co.za, hventer@cs.up.ac.za, eloff@cs.up.ac.za
Abstract—Each vulnerability scanner (VS)
represents, identifies and classifies vulnerabilities in its
own way, thus making the different scanners difficult
to study and compare. Despite numerous efforts by
researchers and organisations to solve the disparity in
vulnerability names used in the different VSs,
vulnerability categories have still not been
standardised. This paper highlights the importance of
having a standard vulnerability category set. It also
outlines an approach towards achieving this goal by
generating a standard set of vulnerability categories. A
data-clustering algorithm that employs artificial
intelligence is used for this purpose. The significance of
this research results from having an intelligent
technique that aids in the generation of standardised
vulnerability categories in a relatively fast way. In
addition, the technique is generic in the sense that it
allows one to accommodate any VS currently known on
the market to create such vulnerability categories.
Another benefit is that the approach followed in this
paper allows one to also compare various VSs
currently available on the market. A prototype is
presented to verify the concept.
Index Terms—vulnerability, Vulnerability Scanners
(VSs), Common Vulnerabilities and Exposures (CVE)
list, data clustering, Self-Organising Map (SOM),
artificial intelligence.
댓글 없음:
댓글 쓰기