Identification and assessment of security attacks and vulnerabilities, utilizing CVE, CWE and CAPEC
Identification and assessment of security attacks and vulnerabilities using the CVE, CWE and CAPEC standards

Keywords
MITRE ; Threat modeling ; Vulnerability assessment ; Search engines ; Data parsing ; Network scanning ; Penetration testing

Abstract
The identification and assessment of security vulnerabilities, as well as their linkage with potential
security threats and attacks, is a challenging task. Although the identification and assessment of software
vulnerabilities used to depend only on the vendor side, the continuously increasing complexity and
interconnectivity of ICT systems has created the need for a unified classification and scoring of security
vulnerabilities. The MITRE Corporation took the initiative on the matter as early as 1999 with the
Common Vulnerabilities and Exposures (CVE) list, which was later extended by the Common Weakness
Enumeration (CWE) and the Common Attack Pattern Enumeration and Classification (CAPEC).
Furthermore, NIST's NVD is currently synchronized with the CVE list. Along with the entry list, NIST uses
the Common Vulnerability Scoring System (CVSS), which provides a consistent way of calculating the severity of
vulnerabilities based on certain key characteristics, thus enriching the existing entries. This information is
constantly used and updated in order to remain relevant to current issues. Although there are
existing links between CVEs and CWEs in NIST's NVD database, there are no existing connections
between CVEs and CAPEC. The main goal of this thesis is to develop a search engine that links
specific security vulnerabilities (i.e. CVEs) with related attack patterns (i.e. CAPEC), using the abstract
weakness enumerations (CWE) as the connecting link. Such a search engine will help security experts
and system administrators to further understand threats that could compromise their IT assets and
to effectively mitigate the specific vulnerabilities that may trigger threats of high risk. Furthermore, an attempt
is made to classify and present the CVEs identified by a port scanning tool called Nmap, based on their
CVSS scores on the mentioned lists.