N-day 취약점 데이터베이스 개선 및 활용 방안 연구

Vol. 34, No. 4, pp. 667-680, 8월. 2024
10.13089/JKIISC.2024.34.4.667, Full Text:
Keywords: cybersecurity, Vulnerability, CVE, CPE, Exploit DB
Abstract

If the software is not updated after the vulnerability is disclosed, it can continue to be attacked. As a result, the importance of N-day detection is increasing as attacks that exploit vulnerabilities increase. However, there is a problem that it is difficult to find specific version information in the published vulnerability database, or that the wrong version or software is outputted. There is also a limitation in that the connection between the published vulnerability databases is not good. In order to overcome these limitations, this paper proposes a method of building information including comprehensive vulnerability information such as CVE, CPE, and Exploit Database into an integrated database. Furthermore, by developing a website for searching for vulnerabilities based on an integrated database built as a result of this study, it is effective in detecting and utilizing vulnerabilities in specific software versions and Windows operating systems.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
정종선 and 박정흠, "N-day 취약점 데이터베이스 개선 및 활용 방안 연구," Journal of The Korea Institute of Information Security and Cryptology, vol. 34, no. 4, pp. 667-680, 2024. DOI: 10.13089/JKIISC.2024.34.4.667.

[ACM Style]
정종선 and 박정흠. 2024. N-day 취약점 데이터베이스 개선 및 활용 방안 연구. Journal of The Korea Institute of Information Security and Cryptology, 34, 4, (2024), 667-680. DOI: 10.13089/JKIISC.2024.34.4.667.