Graph-Based CPE Matching for Identification of Vulnerable Asset Configurations

Autoři	TOVARŇÁK Daniel SADLEK Lukáš ČELEDA Pavel
Rok publikování	2021
Druh	Článek ve sborníku
Konference	2021 IFIP/IEEE International Symposium on Integrated Network Management (IM 2021)
Fakulta / Pracoviště MU	Ústav výpočetní techniky
Citace
www	https://ieeexplore.ieee.org/document/9463994
Klíčová slova	Common Vulnerabilities and Exposures; Common Platform Enumeration; CVE; CPE; graph model; Gremlin
Přiložené soubory	2021-IM-Graph-Based-CPE-Matching.pdf 2021-IM-Graph-Based-CPE-Matching-presentation.pdf
Popis	In this manuscript, we propose a graph-based approach for identification of vulnerable asset configurations via Common Platform Enumeration matching. The approach consists of a graph model and insertion procedure that is able to represent and store information about CVE vulnerabilities and different configurations of CPE-classified asset components. These building blocks are accompanied with a search query in Gremlin graph traversal language that is able to find all vulnerable pairs of CVEs and asset configurations in a single traversal, as opposed to a conventional brute-force approach.
Související projekty:	Pokročilá orchestrace bezpečnosti a inteligentní řízení hrozeb