Improving Discovery of Known Software Vulnerability For Enhanced Cybersecurity
Devesh Sawant, Manjesh K. Hanawal, Atul Kabra
TL;DR
This paper introduces a method to improve the accuracy of identifying known software vulnerabilities by standardizing CPE strings through sanitization and fuzzy matching, significantly enhancing cybersecurity defenses.
Contribution
It proposes a novel multi-layered sanitization and fuzzy matching approach to address CPE string inconsistencies, improving vulnerability detection accuracy.
Findings
Detection accuracy improved by 40%
Effective handling of non-standardized CPE strings
Enhanced vulnerability identification process
Abstract
Software vulnerabilities are commonly exploited as attack vectors in cyberattacks. Hence, it is crucial to identify vulnerable software configurations early to apply preventive measures. Effective vulnerability detection relies on identifying software vulnerabilities through standardized identifiers such as Common Platform Enumeration (CPE) strings. However, non-standardized CPE strings issued by software vendors create a significant challenge. Inconsistent formats, naming conventions, and versioning practices lead to mismatches when querying databases like the National Vulnerability Database (NVD), hindering accurate vulnerability detection. Failure to properly identify and prioritize vulnerable software complicates the patching process and causes delays in updating the vulnerable software, thereby giving attackers a window of opportunity. To address this, we present a method to…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Software Reliability and Analysis Research · Information and Cyber Security