• An integrated framework for software vulnerability detection, analysis and mitigation: an autonomic system

    • Fulltext

       


      Permanent link:
      https://www.ias.ac.in/article/fulltext/sadh/042/09/1481-1493

    • Keywords

       

      Autonomic computing; software security; software vulnerability; vulnerability detection; vulnerability mitigation; vulnerability optimization

    • Abstract

       

      Nowadays, the number of software vulnerability incidents and the losses caused by software vulnerabilities are growing exponentially. Existing security strategies and vulnerability detection and remediation approaches are not intelligent, automated or self-managed, and they are not able to combat vulnerabilities and security threats or to provide a secure, self-managed software environment to organizations. Hence, there is a strong need to devise an intelligent and automated approach to optimize security and to prevent or mitigate vulnerabilities. Autonomic computing is a nature-inspired, self-management-based computational model. In this paper, an autonomic-computing-based integrated framework is proposed to automatically detect software vulnerabilities, trigger an alarm, and assess, classify, prioritize, mitigate and manage them. The proposed framework uses a knowledge base and an inference engine, which automatically takes remediating actions on future occurrences of software security vulnerabilities through self-configuration, self-healing, self-prevention and self-optimization as needed. The proposed framework is beneficial to industry and society in various respects because it is an integrated, cross-concern and intelligent framework and provides a more secure self-managed environment to organizations. The proposed framework reduces security risks and threats, as well as monetary and reputational loss. It can be embedded easily in existing software, or incorporated or implemented as an inbuilt integral component of new software during software development.

    • Author Affiliations

       

      MANOJ KUMAR (1), ARUN SHARMA (2)

      1. University Teaching Department of Computer Science and Application, Makhanlal Chaturvedi National University of Journalism and Communication, Bhopal 462011, India
      2. Department of Information Technology, Indira Gandhi Delhi Technical University for Women, Delhi 110006, India

© 2017-2019 Indian Academy of Sciences, Bengaluru.