Abstract
Attackers are becoming proficient at reverse engineering security patches and then creating worms or viruses that rapidly attack systems that have not applied the patches. Automated patch management systems are being developed to address this threat. A central function of a patch management system is to decide which patches to install on a computer and to determine the sequence of actions that will cause them to be installed.
In this paper, we introduce the notion of a patch remediation graph that depicts ways in which a system can be patched so that the system eventually reaches a desired, secure state. We present a language for specifying patch dependencies, patch conflicts, and user preferences for patch configurations. We then present efficient algorithms that construct and analyze remediation graphs from current computer configurations and various patch constraints. Our analysis algorithms use the graphs to compute maximal preferred configurations and sequences of patch actions that, if executed, will transition computers safely to those configurations.
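To make the idea concrete, here is a small added example (not the paper's own algorithm or specification language) of a remediation graph over patch configurations. A configuration is the set of installed patches; edges are `install` and `uninstall` actions that respect declared dependencies and conflicts; a breadth-first search builds the reachable graph, and the planner then selects an inclusion-maximal reachable configuration that satisfies a user preference predicate and returns the shortest action sequence leading to it. The patch identifiers (`KB-A` ... `KB-D`), the conflict and dependency relations, and the preference predicate are all constructed for illustration. Note the deliberately unsatisfiable case: `KB-D` requires two patches that conflict with each other, so no path ever reaches it and the planner reports that no acceptable configuration exists.

```python
"""Toy remediation graph: configurations, patch actions, and preference-driven planning.

Constructed illustration; the catalogue, constraints and preferences are hypothetical.
"""
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Patch:
    name: str
    requires: frozenset = frozenset()   # patches that must already be installed
    conflicts: frozenset = frozenset()  # patches that may not coexist with this one


# Constructed sample catalogue (hypothetical identifiers, not real patches).
CATALOGUE = {
    "KB-A": Patch("KB-A"),
    "KB-B": Patch("KB-B", requires=frozenset({"KB-A"})),
    "KB-C": Patch("KB-C", conflicts=frozenset({"KB-B"})),
    # KB-D needs both KB-B and KB-C, which conflict: it can never be installed.
    "KB-D": Patch("KB-D", requires=frozenset({"KB-B", "KB-C"})),
}


def conflicts_with(catalogue, a, b):
    """Treat conflicts as symmetric even when declared on only one side."""
    return b in catalogue[a].conflicts or a in catalogue[b].conflicts


def actions(catalogue, state):
    """Yield (action, next_state) for every legal transition out of `state`."""
    for name, patch in catalogue.items():
        if name not in state:
            deps_met = patch.requires <= state
            clash = any(conflicts_with(catalogue, name, s) for s in state)
            if deps_met and not clash:
                yield ("install", name), state | {name}
        else:
            # Removing a patch is only allowed if nothing installed depends on it.
            dependents = [s for s in state if s != name and name in catalogue[s].requires]
            if not dependents:
                yield ("uninstall", name), state - {name}


def build_graph(catalogue, initial):
    """BFS over configurations. Returns (edges, parent); parent encodes a shortest-path tree."""
    initial = frozenset(initial)
    parent = {initial: None}
    edges = {}
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        edges[state] = []
        for action, nxt in actions(catalogue, state):
            edges[state].append((action, nxt))
            if nxt not in parent:
                parent[nxt] = (state, action)
                queue.append(nxt)
    return edges, parent


def path_to(parent, target):
    """Reconstruct the action sequence from the initial configuration to `target`."""
    steps = []
    node = target
    while parent[node] is not None:
        prev, action = parent[node]
        steps.append(action)
        node = prev
    return list(reversed(steps))


def plan(catalogue, initial, acceptable):
    """Choose an inclusion-maximal reachable configuration satisfying `acceptable`.

    Returns (configuration, action_sequence), or (None, None) when no reachable
    configuration is acceptable.
    """
    edges, parent = build_graph(catalogue, initial)
    candidates = [s for s in edges if acceptable(s)]
    # Keep only configurations that are not a proper subset of another acceptable one.
    maximal = [s for s in candidates if not any(s < t for t in candidates)]
    if not maximal:
        return None, None
    # Deterministic tie-break: larger configuration, then shorter path, then name order.
    best = min(maximal, key=lambda s: (-len(s), len(path_to(parent, s)), sorted(s)))
    return set(best), path_to(parent, best)


if __name__ == "__main__":
    # Constructed preference: the user will not accept KB-C on this machine.
    no_kb_c = lambda cfg: "KB-C" not in cfg
    print(plan(CATALOGUE, set(), no_kb_c))
    print(plan(CATALOGUE, {"KB-C"}, no_kb_c))
    print(plan(CATALOGUE, set(), lambda cfg: "KB-D" in cfg))
```

Starting from an empty machine the planner returns the configuration `{KB-A, KB-B}` via `install KB-A, install KB-B`; starting from a machine that already has `KB-C` it finds a three-step path that removes `KB-C` before `KB-B` can go on; asking for any configuration containing `KB-D` yields no plan. On a real catalogue the state space is exponential in the number of patches, which is why the paper's contribution is efficient graph construction and analysis rather than this exhaustive search.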
© 2004 IFIP International Federation for Information Processing
Cite this paper
Swarup, V. (2004). Remediation Graphs for Security Patch Management. In: Deswarte, Y., Cuppens, F., Jajodia, S., Wang, L. (eds) Security and Protection in Information Processing Systems. SEC 2004. IFIP — The International Federation for Information Processing, vol 147. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8143-X_2
DOI: https://doi.org/10.1007/1-4020-8143-X_2
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-8016-1
Online ISBN: 978-1-4020-8143-9
eBook Packages: Springer Book Archive