Graph-Based CPE Matching for Identification of Vulnerable Asset Configurations

• Authors: TOVARŇÁK Daniel; SADLEK Lukáš; ČELEDA Pavel
• Year of publication: 2021
• Type: Article in Proceedings
• Conference: 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM 2021)
• MU Faculty or unit: Institute of Computer Science
• web: https://ieeexplore.ieee.org/document/9463994
• Keywords: Common Vulnerabilities and Exposures; Common Platform Enumeration; CVE; CPE; graph model; Gremlin

Attached files

• 2021-IM-Graph-Based-CPE-Matching.pdf
• 2021-IM-Graph-Based-CPE-Matching-presentation.pdf

• Description: In this manuscript, we propose a graph-based approach for identification of vulnerable asset configurations via Common Platform Enumeration matching. The approach consists of a graph model and insertion procedure that is able to represent and store information about CVE vulnerabilities and different configurations of CPE-classified asset components. These building blocks are accompanied with a search query in Gremlin graph traversal language that is able to find all vulnerable pairs of CVEs and asset configurations in a single traversal, as opposed to a conventional brute-force approach.

Related projects

• Advanced Security Orchestration and Intelligent Threat Management