ECS 235A Project - NVD Visualization Using TreeMaps
Kevin Griffin
kevgriffin@ucdavis.edu
December 12,

1 Introduction

The National Vulnerability Database (NVD) is a continuously updated United States Government repository of vulnerability data [2]. The repository contains a large set of data dating from around 1997 to the present. The NVD is also a multivariate dataset containing attributes like vulnerability score, attack vector, access complexity, integrity impact, etc. The NVD website provides an interface for users with a priori knowledge and clues to conduct targeted searches of the underlying data. There are also applications, like Nessus, that use various components of this data. However, what is missing is a way to explore and visualize the underlying dataset, without a priori knowledge and clues, to find trends and vulnerabilities of interest for analysis and hypothesis generation.

Traditional visualizations fall short for two main reasons. First, visualization components like bar, line, and pie charts are not space filling, which allows only a very limited amount of data to be visualized at once. This is an issue with NVD since it contains over fifteen years of vulnerability data. Second, most traditional visualizations can typically handle only data with a single attribute. NVD is a multivariate dataset that reveals a lot of information to the user when subsets of these attributes are visualized together.

The purpose of this research is to demonstrate how a lesser known and less utilized visualization, the treemap [3] [7] [8], can solve the shortcomings associated with traditional visualizations: it is able to visualize large datasets, because it is a space-filling visualization that can use the entire display space, and it is able to handle multivariate data.
Multivariate data is visualized with treemaps by mapping the various attributes of the NVD data to the various visual attributes of the treemap like size, shape, color, and height.

The main contributions of this project are:

1. Understanding Treemap's utility for visualizing large data sets
2. Measuring Treemap's utility for visualizing multivariate data
3. Showing Treemap's advantages over traditional visualizations (e.g. line and bar charts)
4. Visual Analysis Tool. The current system provides a simple, interactive visual analysis environment to explore the NVD data.

Coordinated Visualization Views. The system consists of a main overview, using a treemap (a visualization invented in the early 1990s by Ben Shneiderman at the University of Maryland), and two secondary bar chart views. All of these views are integrated together and allow the user to perform detailed analysis of the NVD data.

Filtering. Programmatic filtering of the NVD data has been implemented and is based on the year the vulnerability of interest was discovered. Future enhancements will allow the user to filter on other attributes of the data, like vendor, product, and access complexity, in real time from the user interface. This will give the user the ability to explore the underlying data, without a priori knowledge, to find trends and vulnerabilities of interest for analysis and hypothesis generation.

2 Related Work

The work done by [5] uses NVD along with other security metrics (Nessus scans, router configurations, and firewall rules) to create custom security metrics (Patch Risk, Criticality, Security Score, Time Series) and visualize them using scatter graphs, pie charts, ring graphs, bar charts, histograms, and quartiles (see Figure 1). They also provide a modest what-if visual analysis of security changes to the computers and networks.

Figure 1: Automatic Security Analysis Dashboard

The Scientific Applications & Visualization Group within the National Institute of Standards and Technology (NIST) created a tool, NVDvis (see Figure 2), that reads the latest version of the National Vulnerability Database [4]. The user can choose Common Vulnerabilities and Exposures (CVE) 1.2 or 2.0. The tool does an initial analysis that is displayed in the Data Analysis pane of the tool. It displays which CVE database was selected and how many entries there were. It provides the average vulnerability score as well as the distribution of the scores. NVDvis also gives the number of elements as well as the percentage for each value of the six attributes that make up the score, as well as the part, the Common Weakness Enumeration Identifier (CWE-ID), and the distribution of date-time. The tool enables the user to:

1. Filter the data in a variety of ways. NVDvis can filter on the vulnerability score as well as the six attributes that contribute to the score: access vector, access complexity, authentication, confidentiality impact, integrity impact, and availability impact. It also provides access to Part (application, hardware, operating system), CWE-ID, date-time, and vendor. After each filtering operation, the Data Analysis pane is updated as well as the visualization.
2. Parallel Coordinate plot the data. These plots are a way to visualize multidimensional data. They were invented by Alfred Inselberg, who has a tutorial online. Our visualization can be viewed both on the desktop as well as in our immersive environment.
3. Output data in csv, arff, or binary format for further analysis.

Figure 2: NVDvis

Other visualization work using this type of data has been primarily in the form of attack graphs. The work by [6] is an example of this type of work. CVE data, which is a subset of the NVD data, is used to identify hosts in a network that have vulnerabilities. An attack graph is then generated that shows the sequence of hosts that an attacker can exploit to gain access to a system. Figure 3 illustrates this type of visualization with the CVE data overlaid on the graph.
Figure 3: Attack Graph

3 System Architecture

The overall system architecture is illustrated in Figure 4. The database is initially populated with data from the NVD XML data feed with Common Vulnerability Scoring System (CVSS) and Common Platform Enumeration (CPE) mappings (version 2.0). Each year's published vulnerabilities are kept in an XML file of the format nvdcve-2.0-[year|recent|modified].xml, where year [ ]. The file nvdcve-2.0-[year].xml contains all of the vulnerabilities found in year, nvdcve-2.0-recent.xml contains all of the recently published vulnerabilities, and nvdcve-2.0-modified.xml contains all of the recently published and recently updated vulnerabilities. The files are parsed, using a SAX parser, and inserted into a MySQL database. The complete dataset contains over sixteen years of vulnerability data totaling more than 1.5 million database records. Finally, once the view is ready to be made visible, the data is formatted and placed into an appropriate data structure by the Viz Pre-Processor. The pre-processor then hands the data off to the visualization interface.

Figure 4: System Architecture

3.1 Data Storage

The data is stored in a MySQL database using the schema shown in Figure 5. The entity table contains most of the data parsed from the XML file except for the vulnerable software information and the CWE identifiers. The entity table contains over 58,000 records. The software table stores, along with other attributes, the names of the vendors, the vendors' products, and the product versions affected by vulnerabilities stored in the entity table. The software table contains over 148,000 records. The entity software join table maps the CVE vulnerability in the entity table to the vulnerable product in the software table. This table is the largest, with approximately 1.6 million entries.
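The ingestion path described above (SAX parsing of the feed into an entity table, a software table and a join table), as an added example that is not the project's code. It uses Python's `xml.sax` and an in-memory SQLite database in place of MySQL; the table columns, the sample feed, its CVE ids and its namespace URIs are assumptions, and the element names follow the 2.0 feed layout and should be checked against the NVD XSD.

```python
import io
import sqlite3
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges

# Constructed sample shaped like an NVD 2.0 feed; ids, vendors and namespace URIs are placeholders.
SAMPLE_FEED = b"""<?xml version="1.0" encoding="UTF-8"?>
<nvd xmlns:vuln="urn:example:vuln" xmlns:cvss="urn:example:cvss">
 <entry id="CVE-0000-0001">
  <vuln:vulnerable-software-list>
   <vuln:product>cpe:/a:examplesoft:webserver:1.0</vuln:product>
   <vuln:product>cpe:/a:examplesoft:webserver:1.1</vuln:product>
  </vuln:vulnerable-software-list>
  <vuln:published-datetime>2012-03-01T10:00:00.000-05:00</vuln:published-datetime>
  <vuln:cvss><cvss:base_metrics><cvss:score>9.3</cvss:score></cvss:base_metrics></vuln:cvss>
 </entry>
 <entry id="CVE-0000-0002">
  <vuln:vulnerable-software-list>
   <vuln:product>cpe:/a:examplesoft:webserver:1.1</vuln:product>
   <vuln:product>cpe:/o:othervendor:os</vuln:product>
  </vuln:vulnerable-software-list>
  <vuln:published-datetime>2012-07-15T09:30:00.000-04:00</vuln:published-datetime>
  <vuln:cvss><cvss:base_metrics><cvss:score>4.3</cvss:score></cvss:base_metrics></vuln:cvss>
 </entry>
 <entry id="CVE-0000-0003">
  <vuln:published-datetime>2011-11-20T08:00:00.000-05:00</vuln:published-datetime>
 </entry>
</nvd>"""

# Assumed table layout; the page's Figure 5 schema is not reproduced in the text.
SCHEMA = """
CREATE TABLE entity (cve_id TEXT PRIMARY KEY, published TEXT, score REAL);
CREATE TABLE software (id INTEGER PRIMARY KEY, part TEXT, vendor TEXT, product TEXT,
                       version TEXT, UNIQUE (part, vendor, product, version));
CREATE TABLE entity_software (cve_id TEXT, software_id INTEGER,
                              PRIMARY KEY (cve_id, software_id));
"""
LEAF_FIELDS = {"vuln:published-datetime": "published", "cvss:score": "score"}

def parse_cpe(uri):
    """Split a CPE URI of the form cpe:/part:vendor:product[:version...] into columns."""
    f = uri.split(":")
    if len(f) < 4 or f[0] != "cpe" or not f[1].startswith("/"):
        raise ValueError("not a CPE URI: %r" % uri)
    return f[1][1:], f[2], f[3], (f[4] if len(f) > 4 else "")

class NvdHandler(ContentHandler):
    """Streams each <entry> into the three tables as soon as it closes."""
    def __init__(self, db):
        super().__init__()
        self.db, self.entry, self.buf = db, None, []

    def startElement(self, name, attrs):
        self.buf = []
        if name == "entry":
            self.entry = {"cve_id": attrs.get("id"), "products": []}

    def characters(self, content):
        self.buf.append(content)              # text can arrive in several chunks

    def endElement(self, name):
        text, self.buf = "".join(self.buf).strip(), []
        if self.entry is None:
            return
        if name == "vuln:product":
            self.entry["products"].append(text)
        elif name in LEAF_FIELDS:
            self.entry[LEAF_FIELDS[name]] = text
        elif name == "entry":
            self.store(self.entry)
            self.entry = None

    def store(self, e):
        score = float(e["score"]) if e.get("score") else None    # some entries lack CVSS
        self.db.execute("INSERT OR REPLACE INTO entity VALUES (?, ?, ?)",
                        (e["cve_id"], e.get("published"), score))
        for row in map(parse_cpe, e["products"]):
            # Bound parameters only: feed strings never become part of the SQL text.
            self.db.execute("INSERT OR IGNORE INTO software (part, vendor, product, version)"
                            " VALUES (?, ?, ?, ?)", row)
            sid = self.db.execute("SELECT id FROM software WHERE part=? AND vendor=?"
                                  " AND product=? AND version=?", row).fetchone()[0]
            self.db.execute("INSERT OR IGNORE INTO entity_software VALUES (?, ?)",
                            (e["cve_id"], sid))

def load_feed(feed_bytes):
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, False)   # never fetch external entities
    parser.setContentHandler(NvdHandler(db))
    parser.parse(io.BytesIO(feed_bytes))
    db.commit()
    return db

def top_vendors(db, year, limit=10):
    """CVE count per vendor for one publication year, as in the page's vendor bar chart."""
    return db.execute(
        "SELECT s.vendor, COUNT(DISTINCT es.cve_id) AS n FROM entity e"
        " JOIN entity_software es ON es.cve_id = e.cve_id"
        " JOIN software s ON s.id = es.software_id WHERE substr(e.published, 1, 4) = ?"
        " GROUP BY s.vendor ORDER BY n DESC, s.vendor LIMIT ?", (str(year), limit)).fetchall()
```

Calling `top_vendors(load_feed(SAMPLE_FEED), 2012)` returns the per-vendor counts for the constructed 2012 entries; the `UNIQUE` constraint keeps one software row per product version however many CVE entries reference it.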
Figure 5: Database Schema

3.2 Visualizing Large Data Sets

As Figure 6 shows, treemaps are very good for displaying large datasets because of their space-filling characteristics. The treemap visualization on the left is displaying over 10,000 software products. In contrast, the bar charts on the right, both top and bottom, are displaying 20 products/vendors combined. If you increase that number to only 100, the two bar chart visualizations become almost unreadable.

Figure 6: Microsoft

3.3 Visualizing Multivariate Data

As stated earlier, NVD is a multivariate dataset. Multivariate data requires a subset of its attributes to be visualized together before the user can start extracting useful meaning from the underlying dataset. For example, Figure 7 shows vulnerability data for Apple in both the treemap display on the left and the bar chart at the top right. The bar chart gives the vulnerability count for each Apple product. While this gives the user some information, it falls short of providing a complete understanding of the underlying data. In particular, it doesn't answer questions like: What type of vulnerabilities are they? How many vulnerabilities were severe (root access) or just minor nuisances? What vulnerabilities are easy to exploit? If we assume that the size of each treemap node indicates how difficult/easy a vulnerability is to exploit and the color (red = severe, green = minor) indicates the severity of the exploit, we can see that we start to get a better understanding of the underlying NVD dataset. At a glance we get a rough idea of how many severe vulnerabilities each product has, how easy it is to exploit them, and how the vulnerabilities for each product compare to each other. Furthermore, if other attributes were mapped to the height of each node, we would get an even better visual interpretation of the underlying dataset. Because of the ability to map multiple attributes to treemap attributes, treemaps are exponentially better than bar charts at conveying the full meaning of the underlying dataset.

Figure 7: Apple

3.4 Visual Analysis Tool Overview

The visual analysis tool was designed using a treemap visualization as its main display with coordinated bar chart views for providing detailed information on selected nodes (see Figure 8). There are two groupings used for the treemap visualization. The main grouping is based on the vendor (e.g. Microsoft) and the subgrouping is based on the vendor's product (e.g. Internet Explorer). The nodes in the treemap represent a one-to-one mapping of vulnerability to vendor's product. A semitransparent tooltip dialog shows additional details for each node as the user probes the treemap. The top right bar chart provides the vulnerability count for the selected vendor's top ten products. The bottom right bar chart provides the overall vulnerability count for the top ten vendors. The JFreeChart [1] API was used to implement the bar charts.

Figure 8: NVD Visualization

Future Work

Real-Time Filtering: Currently the data is only filtered by the vulnerability discovery year. A very useful enhancement is to allow the user to filter the data, in real time, on the various attributes of the dataset. The NVD XSD file (nvd.nist.gov/schema/nvdcve-feed 2.0.xsd) can be viewed for the complete list of attributes to filter on.

Automated Analysis: Future work in this area will include automatically inferring trends and patterns about the data. Important things to infer would be:

- Vendors/Products that are the worst/best for providing a particular capability (e.g. Web Server)
- Products that are potentially targets of the next round of zero-day exploits
- The Vendors/Products most susceptible to a certain type of exploit (buffer overflow)

TreeMap Enhancements: Additional enhancements to the treemap include mapping of dataset attributes to the height of the treemap nodes, semantic zooming, the ability to drill up/down on a particular group or subgroup of the treemap, and ordering of the treemap nodes based on certain characteristics of the node like size.

4 Conclusion

This project allowed me to experiment with visualizing a large, multivariate dataset using treemaps. The preliminary results showed some of the advantages of using treemaps over traditional visualizations. In particular, treemaps proved to be very effective at visualizing large quantities of data and providing a more accurate visual interpretation of the underlying dataset. Future enhancements will provide a more robust exploration and visualization capability for the National Vulnerability Database.
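The attribute mapping assumed in Section 3.3 (node size for ease of exploitation, color from green to red for severity) combined with the vendor and product grouping of Section 3.4, as an added example that is not the project's code. It uses the slice-and-dice layout, chosen here because the page does not say which treemap layout the tool uses; the size weights in `EASE`, the color ramp and all record values are assumptions.

```python
import html

# Constructed records (placeholders, not NVD data): one per vulnerability/product pair.
VULNS = [
    {"cve_id": "CVE-0000-0001", "vendor": "examplesoft", "product": "webserver",
     "access_complexity": "LOW", "score": 9.3},
    {"cve_id": "CVE-0000-0002", "vendor": "examplesoft", "product": "webserver",
     "access_complexity": "HIGH", "score": 2.6},
    {"cve_id": "CVE-0000-0003", "vendor": "examplesoft", "product": "mailer",
     "access_complexity": "MEDIUM", "score": 5.0},
    {"cve_id": "CVE-0000-0004", "vendor": "othervendor", "product": "os",
     "access_complexity": "MEDIUM", "score": 10.0},
]

# Assumed size weights: low access complexity = easy to exploit = larger node.
EASE = {"LOW": 3.0, "MEDIUM": 2.0, "HIGH": 1.0}
LEAF_DEPTH = 3   # root -> vendor -> product -> vulnerability


def severity_color(score):
    """Map a CVSS base score (0-10) onto a green (minor) to red (severe) ramp."""
    t = max(0.0, min(float(score), 10.0)) / 10.0
    return "#%02x%02x00" % (round(255 * t), round(255 * (1 - t)))


def build_tree(vulns):
    """Group records as vendor -> product -> [vulnerability], the page's two groupings."""
    tree = {}
    for v in vulns:
        tree.setdefault(v["vendor"], {}).setdefault(v["product"], []).append(v)
    return tree


def weight(node, depth):
    """A leaf weighs its ease-of-exploit value; a group weighs the sum of its children."""
    if depth == LEAF_DEPTH:
        return EASE[node["access_complexity"]]
    kids = node if isinstance(node, list) else node.values()
    return sum(weight(k, depth + 1) for k in kids)


def layout(node, x, y, w, h, depth=0, out=None):
    """Slice-and-dice: split the rectangle among children in proportion to weight,
    alternating the split axis at each level of the hierarchy."""
    out = [] if out is None else out
    if depth == LEAF_DEPTH:
        out.append((node["cve_id"], x, y, w, h, severity_color(node["score"])))
        return out
    kids = node if isinstance(node, list) else list(node.values())
    total = sum(weight(k, depth + 1) for k in kids)
    used = 0.0
    for kid in kids:
        share = weight(kid, depth + 1)
        if depth % 2 == 0:    # vertical cuts: children sit side by side
            layout(kid, x + w * used / total, y, w * share / total, h, depth + 1, out)
        else:                 # horizontal cuts: children stack top to bottom
            layout(kid, x, y + h * used / total, w, h * share / total, depth + 1, out)
        used += share
    return out


def to_svg(rects, width, height):
    """Render leaf rectangles as SVG; labels are escaped because they come from feed data."""
    body = "".join(
        '<rect x="%g" y="%g" width="%g" height="%g" fill="%s" stroke="white">'
        "<title>%s</title></rect>" % (x, y, w, h, color, html.escape(label))
        for label, x, y, w, h, color in rects)
    return ('<svg xmlns="http://www.w3.org/2000/svg" width="%g" height="%g">%s</svg>'
            % (width, height, body))


if __name__ == "__main__":
    for rect in layout(build_tree(VULNS), 0.0, 0.0, 800.0, 600.0):
        print(rect)
```

The leaf rectangles tile the whole 800 by 600 display, which is the space-filling property Section 3.2 relies on.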
References

[1] JFreeChart -
[2] National Vulnerability Database NVD -
[3] Benjamin B. Bederson, Ben Shneiderman, and Martin Wattenberg. Ordered and quantum treemaps: Making effective use of 2d space to display hierarchies. ACM Trans. Graph., 21(4): ,
[4] John Hagedorn, Styvens Belloge, Terence Griffin, Sandy Ressler, Judith E. Terrill, Kevin Rawlings. Visualization and analysis of the national vulnerability database -
[5] Sun Kun, S. Jajodia, J. Li, Cheng Yi, Tang Wei, and A. Singhal. Automatic security analysis using security metrics. In MILITARY COMMUNICATIONS CONFERENCE, MILCOM 2011, pages
[6] O. Sheyner and J. Wing. Tools for generating and analyzing attack graphs. In Formal methods for components and objects, pages Springer.
[7] Ben Shneiderman. Tree visualization with treemaps: 2-d space-filling approach. ACM Trans. Graph., 11(1):92-99,
[8] Ben Shneiderman. Treemaps for space-constrained visualization of hierarchies,
More informationWHITEPAPER. Nessus Exploit Integration
Nessus Exploit Integration v2 Tenable Network Security has committed to providing context around vulnerabilities, and correlating them to other sources, such as available exploits. We currently pull information
More informationCopyright (2004) Purdue Research Foundation. All rights reserved.
CS390S, Week 1: Introduction to Secure Programming Pascal Meunier, Ph.D., M.Sc., CISSP January 10, 2007 Developed thanks to support and contributions from Symantec Corporation, support from the NSF SFS
More informationADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT
ADDING NETWORK INTELLIGENCE INTRODUCTION Vulnerability management is crucial to network security. Not only are known vulnerabilities propagating dramatically, but so is their severity and complexity. Organizations
More informationVulnerability Scanning Requirements and Process Clarification Comment Disposition and FAQ 11/27/2014
Vulnerability Scanning Requirements and Process Clarification Disposition and FAQ 11/27/2014 Table of Contents 1. Vulnerability Scanning Requirements and Process Clarification Disposition... 3 2. Vulnerability
More informationCritical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn
Critical Infrastructure Security: The Emerging Smart Grid Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn Overview Assurance & Evaluation Security Testing Approaches
More informationDevising a Server Protection Strategy with Trend Micro
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper Trend Micro, Incorporated» A detailed account of why Gartner recognizes Trend Micro as a leader in Virtualization and Cloud
More informationWhite Paper. Guide to PCI Application Security Compliance for Merchants and Service Providers
White Paper Guide to PCI Application Security Compliance for Merchants and Service Providers Contents Overview... 3 I. The PCI DSS Requirements... 3 II. Compliance and Validation Requirements... 4 III.
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Technical and Operational Requirements for Approved Scanning Vendors (ASVs) Version 1.1 Release: September 2006 Table of Contents Introduction...1-1 Naming
More informationpt360 FREE Tool Suite Networks are complicated. Network management doesn t have to be.
pt360 FREE Tool Suite Networks are complicated. Network management doesn t have to be. pt360 FREE Tool Suite - At a Glance PacketTrap Networks November, 2009 PacketTrap's pt360 FREE Tool Suite consolidates
More informationSpooks in the Machine
A Higher Education Services Company Spooks in the Machine Proactive Strategies for Securing the Network Steven M. Helwig, CISSP Technical Director shelwig@sungardcollegis.com Contents of Presentation Aligning
More informationEnterprise Data Visualization and BI Dashboard
Strengths Key Features and Benefits Ad-hoc Visualization and Data Discovery Prototyping Mockups Dashboards The application is web based and can be installed on any windows or linux server. There is no
More informationstrategic white paper
strategic white paper AUTOMATED PLANNING FOR REMOTE PENETRATION TESTING Lloyd Greenwald and Robert Shanley LGS Innovations / Bell Labs Florham Park, NJ US In this work we consider the problem of automatically
More informationScanless Vulnerability Assessment. A Next-Generation Approach to Vulnerability Management
Scanless Vulnerability Assessment A Next-Generation Approach to Vulnerability Management WHITEPAPER Overview Vulnerability scanning, or the process of identifying a list of known security gaps in the network
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system
More informationOutcome Based Security Monitoring in a Continuous Monitoring World
Outcome Based Security Monitoring in a Continuous Monitoring World December 2012 Ron Gula Chief Executive Officer / Chief Technology Officer White Paper Copyright 2002-2012 Tenable Network Security, Inc.
More informationDevising a Server Protection Strategy with Trend Micro
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper» Trend Micro s portfolio of solutions meets and exceeds Gartner s recommendations on how to devise a server protection strategy.
More informationPUBLIC REPORT. Red Team Testing of the ES&S Unity 3.0.1.1 Voting System. Freeman Craft McGregor Group (FCMG) Red Team
PUBLIC REPORT Red Team Testing of the Voting System Freeman Craft McGregor Group (FCMG) Red Team Prepared for the California Secretary of State by: Jacob D. Stauffer, FCMG Red Team Project Manager Page
More informationMedications Shortages Dashboard
Medications Shortages Dashboard Project Plan Spring 2014 Spectrum Health Contact Jeff McConnell Team Members Alex Lockwood Alex Seling Cameron Keif 1 Table of Contents 1. Project Overview 3 2. Functional
More informationForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)
ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) CONTENT Introduction 2 Overview of Continuous Diagnostics & Mitigation (CDM) 2 CDM Requirements 2 1. Hardware Asset Management 3 2. Software
More informationSecunia Vulnerability Intelligence Manager
TECHNOLOGY AUDIT Secunia Vulnerability Intelligence Manager Secunia Reference Code: OI00070-076 Publication Date: July 2011 Author: Andy Kellett SUMMARY Catalyst Secunia Vulnerability Intelligence Manager
More informationCyber Security RFP Template
About this document This RFP template was created to help IT security personnel make an informed decision when choosing a cyber security solution. In this template you will find categories for initial
More informationWhite Paper. Understanding NIST 800 37 FISMA Requirements
White Paper Understanding NIST 800 37 FISMA Requirements Contents Overview... 3 I. The Role of NIST in FISMA Compliance... 3 II. NIST Risk Management Framework for FISMA... 4 III. Application Security
More informationIntroduction to Junos Space Network Director
Introduction to Junos Space Network Director Release 2.0 Published: 2015-02-12 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net All rights
More informationA Novel Quantitative Approach For Measuring Network Security
A Novel Quantitative Approach For Measuring Network Security Mohammad Salim Ahmed salimahmed@utdallas.edu Ehab Al-Shaer ehab@cs.depaul.edu Latifur Khan lkhan@utdallas.edu Abstract Evaluation of network
More informationUse of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme
NIST Special Publication 800-51 Use of the Common Vulnerabilities and Exposures (CVE) Vulnerability Naming Scheme Recommendations of the National Institute of Standards and Technology Peter Mell Tim Grance
More informationan introduction to VISUALIZING DATA by joel laumans
an introduction to VISUALIZING DATA by joel laumans an introduction to VISUALIZING DATA iii AN INTRODUCTION TO VISUALIZING DATA by Joel Laumans Table of Contents 1 Introduction 1 Definition Purpose 2 Data
More information