Research Student Profile

Dr Abdualaziz Alayed PhD

Research Student

Brief biographical information


Active security vulnerability notification and resolution

The early version of the Internet was designed for connectivity only, without the consideration of security, and the Internet is consequently an open structure. Networked systems are vulnerable for a number of reasons: design error, implementation, and management. A vulnerability is a hole or weak point that can be exploited to compromise the security of the system. Operating systems and applications are often vulnerable because of design errors. Software vendors release patches for discovered vulnerabilities, and rely upon system administrators to accept and install patches on their systems. Many system administrators fail to install patches on time, and consequently leave their systems vulnerable to exploitation by hackers. This exploitation can result in various security breaches, including website defacement, denial of service, or malware attacks. The overall problem is significant, with an average of 115 vulnerabilities per week being documented during 2005.

This thesis considers the problem of vulnerabilities in IT networked systems, and maps the vulnerability types into a technical taxonomy. The thesis presents a thorough analysis of the existing methods of vulnerability management, which determines that these methods have failed to manage the problem in a comprehensive way, and shows the need for a comprehensive management system capable of addressing the awareness and patch deployment problems. A critical examination of vulnerability database statistics over the past few years is provided, together with a benchmarking of the problem in a reference environment and a discussion of why a new approach is needed. The research examined and compared different vulnerability advisories, and proposed a generic vulnerability format towards automating the notification process.

The thesis identifies the standard process of addressing vulnerabilities and the over-reliance upon the manual method. An automated management system must take into account new vulnerabilities and patch deployment to provide a comprehensive solution. The overall aim of the research has therefore been to design a new framework to address these flaws in networked systems, harmonised with the standard system administrator process. The approach, known as AVMS (Automated Vulnerability Management System), is capable of filtering and prioritising the relevant messages, and then downloading the associated patches and deploying them to the required machines.

The framework is validated through a proof-of-concept prototype system. A series of tests involving different advisories are used to illustrate how AVMS would behave. This helped to prove that the automated vulnerability management system prototype is indeed viable, and that the research has provided a suitable contribution to knowledge in this important domain.

Dr Abdualaziz Alayed

Director of studies: Dr Steven M Furnell
Other supervisors: Prof. Martin Tomlinson, Mr Ian Barlow, Dr Paul S Haskell-Dowland

Journal papers

An automated framework for managing security vulnerabilities
Alayed A, Furnell SM, Zhao D, Haskell-Dowland PS (Dowland PS)
Information Management & Computer Security, vol. 13, no. 2, pp156-166, 2005

1 Journal papers

Conference papers

Automated precautionary measures for managing system security vulnerabilities
Zhao D, Furnell SM, Alayed A
International Conference on E-Business and Information System Security, EBISS 2009, 23-24 May, Wuhan, China, pp1-5, ISBN: 9781424429097, 2009

The research on a patch management system for enterprise vulnerability update
Zhao D, Furnell SM, Alayed A
International Conference on Information Engineering, ICIE 2009, 10-11 July, Taiyuan, Shanxi, China, pp250-253, ISBN: 978-0-7695-3679-8, 2009

Architectural specifications and design for an automated vulnerability resolver
Alayed A, Furnell SM, Zhao D, Barlow I, Tomlinson M
Proceedings of the Fourth International Network Conference (INC 2004), Plymouth, UK, 6-9 July 2004, pp303-310, 2004

Critical awareness - The problem of monitoring security vulnerabilities
Furnell SM, Alayed A, Barlow I, Haskell-Dowland PS (Dowland PS)
Proceedings of European Conference on Information Warfare and Security, 8-9 July 2002, Brunel, UK, pp85-92, 2002

Addressing Internet security vulnerabilities - A benchmarking study
Alayed A, Furnell SM, Barlow I
Proceedings of IFIP/SEC 2002 - 17th International Conference on Information Security, Cairo, Egypt, 7-9 May, pp121-132, 2002

Security Vulnerabilities and System Intrusions - The need for Automatic Response Frameworks
Papadaki M, Magklaras GB, Furnell SM, Alayed A
Proceedings of the IFIP 8th Annual Working Conference on Information Security Management & Small Systems Security, Las Vegas, 27-28 September, 2001

6 Conference papers

7 publication(s) - all categories.