An Analysis on Host Vulnerability Evaluation of Modern Operating Systems

Sajid, Afifa; Shah, Munam Ali; Kamran, Muhammad; Javaid, Qaisar; Zhang, Sijing

doi:10.14569/ijacsa.2016.070430

Cited by 5 publications

(4 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In particular, some scholars have conducted dedicated analyses of operating system vulnerabilities 28,29,29,30,31,32 . In the earlier stages, Chen et al 28 extensively analyzed string formatting vulnerabilities in the Debian Linux system.…”

Section: Cwe Id 416mentioning

confidence: 99%

Domain Knowledge-Based Analysis of Linux Vulnerability Characteristics and Evolution

Wu,

Weng,

Sun

et al. 2024

Preprint

View full text Add to dashboard Cite

An operating system is the essence of software, serving as the foundation for the operation of various application software. The security of the operating system is crucial for the national informatization construction. Data indicates that many cybersecurity incidents result from exploiting security vulnerabilities in the operating system. Linux is currently the most widely used open-source operating system, with thousands of Common Vulnerabilities and Exposures (CVE) related to Linux system reported each year. Therefore, research and prevention of vulnerabilities in the Linux system are particularly important. To gain a better understanding of the characteristics of Linux system vulnerabilities, this paper leverages knowledge in the field of software security to analyze nearly 10,000 historical vulnerability data in two core systems of Linux: Linux Kernel and Debian Linux. The study explores the evolutionary patterns of vulnerability characteristics. Specific research contents include: (1) Data collection and cleaning of vulnerability data in Linux Kernel and Debian Linux systems; (2) Cross-statistical analysis of structured data features in vulnerability reports; (3) Unstructured data feature mining in vulnerability reports based on domain knowledge; (4) Analysis of the evolution of vulnerability characteristics. This paper provides empirical lessons and guidance for Linux system vulnerabilities to assist practitioners and researchers in better preventing and detecting vulnerabilities in Linux and Linux-based systems.

show abstract

Section: Cwe Id 416mentioning

confidence: 99%

Domain Knowledge-Based Analysis of Linux Vulnerability Characteristics and Evolution

Wu,

Weng,

Sun

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Quantitative evaluation of computer systems vulnerability is a question of great debates with many approaches proposed [36,37,38,39]. It is clear that the more vulnerabilities exist in a system, the more that system is prone to hacker attacks.…”

Section: Vulnerability Severity and Cvss-based Statisticsmentioning

confidence: 99%

From Analyzing Operating System Vulnerabilities to Designing Multiversion Intrusion-Tolerant Architectures

et al. 2020

View full text Add to dashboard Cite

This paper analyses security problems of modern computer systems caused by vulnerabilities in their operating systems. Our scrutiny of widely used enterprise operating systems focuses on their vulnerabilities by examining the statistical data available on how vulnerabilities in these systems are disclosed and eliminated, and by assessing their criticality. This is done by using statistics from both the National Vulnerabilities database (NVD) and the Common Vulnerabilities and Exposures system (CVE). The specific technical areas the paper covers are the quantitative assessment of forever-day vulnerabilities, estimation of days-ofrisk, the analysis of the vulnerabilities severity and their distributions by attack vector and impact on security properties. In addition, the study aims to explore those vulnerabilities that have been found across a diverse range of operating systems. This leads us to analysing how different intrusion-tolerance architectures deploying the operating system diversity impact availability, integrity and confidentiality.

show abstract

“…A user is identified by a username, which is given when the user logs on to the system. Internally, a user is identified with a User Identification Number (UID), which is a numeric value selected by the system administrator at the time the account is created [26]. Some of the organizations, which develop Linux are renowned companies, such as Red Hat, Gentoo, Debian, SuSE, Turbolinux, and Ubuntu.…”

Section: Linux Operating Systemmentioning

confidence: 99%

Windows, Linux, Mac Operating System and Decision Making

Hasnain¹,

Rafi²

2019

IJCA

View full text Add to dashboard Cite

This paper presents a comparative study of choosing footstep of Windows, Linux and Mac, the three popular operating systems. This paper provides seven factors which needed to be considered before choosing an operating system. They are convenience, capability, security, interface, recovery, booting time and cost. These seven factors were generated from background study and analysis. Some important characteristics such as dependency upon hardware, user interface, and security are also discussed. Moreover, opensource and closed source paradigm were discussed for user support. Finally, based on user data, it has been shown how these threeoperating systems are used by users in the last couple of years.

show abstract

An Analysis on Host Vulnerability Evaluation of Modern Operating Systems

Cited by 5 publications

References 32 publications

Domain Knowledge-Based Analysis of Linux Vulnerability Characteristics and Evolution

Domain Knowledge-Based Analysis of Linux Vulnerability Characteristics and Evolution

From Analyzing Operating System Vulnerabilities to Designing Multiversion Intrusion-Tolerant Architectures

Windows, Linux, Mac Operating System and Decision Making

Contact Info

Product

Resources

About