INTERSECTION APPROACH TO VULNERABILITY HANDLING

Michał Chorás, Salvatore d’Antonio, Rafał Kozik, Witold Hołubowicz

2010

Abstract

In this paper our approach to heterogeneous networks vulnerability handling is presented. Vulnerabilities of heterogeneous networks like satellite, GSM/GPRS, UMTS, wireless sensor networks and the Internet have been identified, classified and described in the framework of the European co-funded project, named INTERSECTION (INfrastructure for heTErogeneous, Resilient, SEcure, Complex, Tightly Inter-Operating Networks). Since computer security incidents usually occur across administrative domains and interconnected networks it is quite clear that it would be advantageous for different organizations and network operators to be able to share data on network vulnerabilities. The exchange of vulnerability information and statistics would be crucial for proactive identification of trends that can lead to incident prevention. Network operators have always been reticent to disclose information about attacks on their systems or through their networks. However, this tendency seems to be overcome by the new awareness that it is only through cooperation that networking infrastructures can be made robust to attacks and failures. Starting from these considerations, we developed two components, namely INTERSECTION Vulnerability Database (IVD) and Project INTERSECTION Vulnerability Ontology Tool (PIVOT), for vulnerability data management and classification. Both tools will be presented in this paper.

References

  1. Choras M. (Ed.), Deliverable D.2.2 Identification and Classification of Vulnerabilities of Network Infrastructures, INTERSECTION Project, July, 2008.
  2. ISO/IEC 13335-1:2004, Information Technology Security Techniques Management of information and communications technology security Part 1: Concepts and models for information and communications technology security management.
  3. Shared Information/Data Model (SID), TeleManagement Forum, October 2002.
  4. Web Ontology Language Semantics and Abstract Syntax, June 2006, http://www.w3.org/TR/owlfeatures/.
  5. Choras M., Renk R., Flizikowski A., Holubowicz W. (2008), ”Ontology-based description of networks vulnerabilities” , Polish Journal of Environmental Studies, vol. 5c.
  6. Choras M., Kozik R., Flizikowski A., Renk R., Holubowicz W. (2009), ”Ontology-based Decision Support for Security Management in Heterogeneous Networks”, In: Huang, D.-S. et al. (Eds.): Emerging Intelligent Computing Technology and Applications. With Aspects of Artificial Intelligence, LNAI 5755, Springer.
Download


Paper Citation


in Harvard Style

Chorás M., d’Antonio S., Kozik R. and Hołubowicz W. (2010). INTERSECTION APPROACH TO VULNERABILITY HANDLING . In Proceedings of the 6th International Conference on Web Information Systems and Technology - Volume 1: WEBIST, ISBN 978-989-674-025-2, pages 171-174. DOI: 10.5220/0002790601710174


in Bibtex Style

@conference{webist10,
author={Michał Chorás and Salvatore d’Antonio and Rafał Kozik and Witold Hołubowicz},
title={INTERSECTION APPROACH TO VULNERABILITY HANDLING},
booktitle={Proceedings of the 6th International Conference on Web Information Systems and Technology - Volume 1: WEBIST,},
year={2010},
pages={171-174},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002790601710174},
isbn={978-989-674-025-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 6th International Conference on Web Information Systems and Technology - Volume 1: WEBIST,
TI - INTERSECTION APPROACH TO VULNERABILITY HANDLING
SN - 978-989-674-025-2
AU - Chorás M.
AU - d’Antonio S.
AU - Kozik R.
AU - Hołubowicz W.
PY - 2010
SP - 171
EP - 174
DO - 10.5220/0002790601710174