Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
An approach towards standardising vulnerability categories
Dissertation (MSc (Computer Science))--University of Pretoria, 2008.
Saved in:
| Other Authors: | |
|---|---|
| Format: | Thesis |
| Published: |
University of Pretoria
2013
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613682262867968 |
|---|---|
| access_status_str | Open Access |
| author2 | Eloff, Jan H.P. |
| author_browse | Eloff, Jan H.P. |
| author_facet | Eloff, Jan H.P. |
| collection | Thesis |
| dc_rights_str_mv | © 2007 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. |
| description | Dissertation (MSc (Computer Science))--University of Pretoria, 2008. |
| format | Thesis |
| id | oai:repository.up.ac.za:2263/26304 |
| institution | University of Pretoria (South Africa) |
| last_indexed | 2026-06-10T12:40:01.664Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UPSpace — University of Pretoria Institutional Repository |
| publishDate | 2013 |
| publishDateRange | 2013 |
| publishDateSort | 2013 |
| publisher | University of Pretoria |
| publisherStr | University of Pretoria |
| record_format | dspace |
| source_str | UPSpace — University of Pretoria Institutional Repository |
| spelling | oai:repository.up.ac.za:2263/26304 An approach towards standardising vulnerability categories Eloff, Jan H.P. Venter, Hein S. upetd@up.ac.za Li, Yun Lillian Standardising vulnerabililty categories Computer science UCTD Dissertation (MSc (Computer Science))--University of Pretoria, 2008. Computer vulnerabilities are design flaws, implementation or configuration errors that provide a means of exploiting a system or network that would not be available otherwise. The recent growth in the number of vulnerability scanning (VS) tools and independent vulnerability databases points to an apparent need for further means to protect computer systems from compromise. It is important for these tools and databases to interpret, correlate and exchange a large amount of information about computer vulnerabilities in order to use them effectively. However, this goal is hard to achieve because the current VS products differ extensively both in the way that they can detect vulnerabilities and in the number of vulnerabilities that they can detect. Each tool or database represents, identifies and classifies vulnerabilities in its own way, thus making them difficult to study and compare. Although the list of Common Vulnerabilities and Exposures (CVE) provides a means of solving the disparity in vulnerability names used in the different VS products, it does not standardise vulnerability categories. This dissertation highlights the importance of having a standard vulnerability category set and outlines an approach towards achieving this goal by categorising the CVE repository using a data-clustering algorithm. Prototypes are presented to verify the concept of standardizing vulnerability categories and how this can be used as the basis for comparison of VS products and improving scan reports. Computer Science unrestricted 2013-09-07T04:30:33Z 2008-08-12 2013-09-07T04:30:33Z 2007-09-05 2008-08-12 2008-07-15 Dissertation Li, YL 2007, An approach towards standardizing vulnerability categories, MSc dissertation, University of Pretoria, Pretoria, viewed yymmdd < http://hdl.handle.net/2263/26304 > E848/ag http://hdl.handle.net/2263/26304 http://upetd.up.ac.za/thesis/available/etd-07152008-134515/ © 2007 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. application/pdf University of Pretoria |
| spellingShingle | Standardising vulnerabililty categories Computer science UCTD An approach towards standardising vulnerability categories |
| title | An approach towards standardising vulnerability categories |
| title_full | An approach towards standardising vulnerability categories |
| title_fullStr | An approach towards standardising vulnerability categories |
| title_full_unstemmed | An approach towards standardising vulnerability categories |
| title_short | An approach towards standardising vulnerability categories |
| title_sort | approach towards standardising vulnerability categories |
| topic | Standardising vulnerabililty categories Computer science UCTD |
| url | http://hdl.handle.net/2263/26304 http://upetd.up.ac.za/thesis/available/etd-07152008-134515/ |