The relationship of software vulnerabilities and workarounds
This paper investigates the relationship between vulnerability types and their workarounds. Via a workaround solution, users prevent or mitigate the risk of a vulnerability without the need of eliminating it. So far, little attention has been paid to this fruitful approach, whereas workaround solutions can perform so efficiently when dealing with vulnerabilities. In this research, a proper dataset from four mostly referred vulnerability databases (OSVDB, Security Tracker, Cert CC Vulnerability Notes and NVD) is compiled. In this dataset which we have called VuWaDB, the workarounds are organized in six main categories configuration, code modification, route alteration, elimination, access restriction and utility tools. The CWEs that the NVD was assigned to, are used to determine vulnerability types. In order to discover the relationship between vulnerabilities and their related workaround solutions, after a statistical survey, a relevant bipartite graph is constructed. The obtained results are analyzed and presented in related tables, which provide the relation between software vulnerabilities and their workarounds.
- حق عضویت دریافتی صرف حمایت از نشریات عضو و نگهداری، تکمیل و توسعه مگیران میشود.
- پرداخت حق اشتراک و دانلود مقالات اجازه بازنشر آن در سایر رسانههای چاپی و دیجیتال را به کاربر نمیدهد.