Announcements

My Links

Other Links

This Quarter’s Classes

Office Hours for This Quarter

Contacting Me

Vulnerabilities Analysis


Citation

  • M. Bishop, “Vulnerabilities Analysis,” Proceedings of the Second International Symposium on Recent Advances in Intrusion Detection pp. 125–136 (Sep. 1999).

Paper

Abstract

This note presents a new model for classifying vulnerabilities in computer systems. The model is structurally different than earlier models, It decomposes vulnerabilities into small parts, called “primitive conditions.” Our hypothesis is that by examining systems for these conditions, we can detect vulnerabilities. By preventing these conditions from holding, we can prevent vulnerabilities from occurring, even if we do not know that the vulnerability exists. A formal basis for this model is presented. An informal, experimental method of validation for non- secure systems is described. If the model accurately describes existing systems, it guides the development of tools to analyze systems for vulnerabilities.

Copyright Notice

The version posted here is a manuscript version. The definitive version was published in the Proceedings of the Second International Symposium on Recent Advances in Intrusion Detection, Sep. 2000.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh
Last updated on Friday, April 11, 2008 at 05:37:10AM PDT