Proceedings of the 24th ACM Conference on Systems and Software Product Line: Volume a - Volume A 2020
DOI: 10.1145/3382025.3414952
|View full text |Cite
|
Sign up to set email alerts
|

Amadeus

Abstract: The proper configuration of systems has become a fundamental factor to avoid cybersecurity risks. Thereby, the analysis of cybersecurity vulnerabilities is a mandatory task, but the number of vulnerabilities and system configurations that can be threatened is extremely high. In this paper, we propose a method that uses software product line techniques to analyse the vulnerable configuration of the systems. We propose a solution, entitled AMADEUS, to enable and support the automatic analysis and testing of cybe… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
6
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
2

Relationship

1
4

Authors

Journals

citations
Cited by 5 publications
(6 citation statements)
references
References 37 publications
0
6
0
Order By: Relevance
“…As mentioned above, AMADEUS was presented in a previous work (Varela-Vaca et al, 2020) as a methodology for automatically creating FMs by integrating information from the vulnerability repository and reasoning to determine attack vectors with certain features. However, certain aspects were left pending, such as the subsequent extraction of exploits to assess vulnerabilities, the incorporation of new vulnerability repositories, and the improvement of reasoning about the models.…”
Section: Amadeus-exploitmentioning
confidence: 99%
See 3 more Smart Citations
“…As mentioned above, AMADEUS was presented in a previous work (Varela-Vaca et al, 2020) as a methodology for automatically creating FMs by integrating information from the vulnerability repository and reasoning to determine attack vectors with certain features. However, certain aspects were left pending, such as the subsequent extraction of exploits to assess vulnerabilities, the incorporation of new vulnerability repositories, and the improvement of reasoning about the models.…”
Section: Amadeus-exploitmentioning
confidence: 99%
“…The inference of FMs from vulnerabilities was introduced in the previous work (Varela-Vaca et al, 2020). In that approach, we inferred an FM for a CVE, but it was built considering only a vulnerability database and omitting exploit information.…”
Section: Generation Of Feature Modelsmentioning
confidence: 99%
See 2 more Smart Citations
“…AAFMs enable reasoning about VISs by using artificial intelligence systems or ad-hoc algorithms to extract relevant information from the set of dependencies described in a VIS. Coupled with variability analysis, approaches have emerged that attempt to analyse the vulnerabilities of a software product line to optimise the test suite to be performed [11].…”
Section: Introductionmentioning
confidence: 99%