Masterarbeit von Jordan Dieudonné: Identifying and detecting inconsistencies in IT-Security knowledge bases

Abstract: As society becomes increasingly dependent on infrastructures that require large amounts of computing power to function, it is more necessary than ever to protect the systems in use from failures and attacks. IT-security professionals secure these systems by leveraging information from knowledge bases that cover various concepts such as weaknesses, vulnerabilities, and attack patterns. Given the increasing number of software vulnerabilities reported each year, as well as discovered changes that impact previously discovered vulnerabilities, providing accurate information is challenging. However, it is necessary to maintain consistency across different knowledge bases to provide IT security professionals with the most accurate information so they can take appropriate protection and countermeasures. This study examines current knowledge bases that provide open information and the IT security concepts they cover, with the goal of defining and identifying inconsistencies between them. By using a compact security ontology covering different data sources, a means of automatic inconsistency detection is created. The inconsistencies identified are analyzed and the findings shed light on some of the challenges in providing accurate vulnerability information. We identify inconsistencies between the NVD, CWE, and CAPEC by using and comparing information about the stated prerequisites and requirements. In addition, we identify inconsistent vulnerability mapping between NVD and OSV, as well as indications of inconsistent descriptions and affected versions between the two sources. The results underscore the importance of the work being done to detect and clean up inconsistencies, while providing considerations for further research in this area.

Betreuer: Philipp Kühn, M.Sc.
Prüfer: Prof. Dr. Dr. Christian Reuter