Smart Vulnerability Assessment for OS/VM, GitHub,
Author : tatiana-dople | Published Date : 2025-05-28
Description: Smart Vulnerability Assessment for OSVM GitHub IoT An Overview Steven Ullman Ben Lazarine Izhar Sajid Sagar Samtani and Mark Patton University of Arizona Indiana University 1 Agenda Introduction and Motivation Previous AI Lab
Presentation Embed Code
Download Presentation
Download
Presentation The PPT/PDF document
"Smart Vulnerability Assessment for OS/VM, GitHub," is the property of its rightful owner.
Permission is granted to download and print the materials on this website for personal, non-commercial use only,
and to display it on your personal computer provided you do not modify the materials and that you retain all
copyright notices contained in the materials. By downloading content from our website, you accept the terms of
this agreement.
Transcript:Smart Vulnerability Assessment for OS/VM, GitHub,:
Smart Vulnerability Assessment for OS/VM, GitHub, IoT: An Overview Steven Ullman, Ben Lazarine, Izhar Sajid, Sagar Samtani, and Mark Patton University of Arizona, Indiana University 1 Agenda Introduction and Motivation Previous AI Lab Vulnerability Assessment/IoT Work Current AI Lab Vulnerability Assessment/IoT Work Module 1: OS/VM Image Vulnerability Assessment Module 2: GitHub Vulnerability Assessment Module 3: IoT Device Vulnerability Assessment Summary Future Directions Question and Answer 2 Introduction The internet enables efficient and effective communication between devices worldwide. Approximately 7 billion IoT devices are connected as of 2018 However, many devices are vulnerable to devastating cyber-attacks. Assessing the vulnerabilities of all internet connected devices in an automated, scalable manner can help prevent future cyber-attacks. The vast amounts of various data sources and types show promise in applying AI-based techniques to enhance these assessments. 3 Motivation – Relevance in AI Lab Research in the AI Lab is heavily oriented around data and information. We can collect a variety of host and device specific information in a variety of data types: Host/VM OS, Application Dependencies, File Systems, Kernel Version, Author, etc. GitHub Repository Repository Owner, Branches, Commits, Username, Forks, etc. IoT Device Netflow Data (IP Header, Protocol, Source & Dest. Address, etc.) Traditional vulnerability assessments are rule-based and detect services on open ports or through analysis of network traffic. Using additional data features and analytics extend the capacity of current scanning tools Given our strengths, we apply machine and deep learning techniques using this data to provide targeted security analytics for systems and devices. We present previous vulnerability assessment work within the AI Lab in Table 1. 4 Previous AI Lab Vulnerability Assessment Work Table 1. Previous AI Lab Vulnerability Assessment Research Key Observations: The majority of past vulnerability assessment work has centered around using publicly accessible devices from Shodan. The prevailing vulnerability scanner in these works has been Nessus. 1. 2. 5 IoT Lab: Summary of Recent Work Table 2. Summary of Recent IoT Lab Work We present a recent summary of IoT research, AI Lab members, and project descriptions/preliminary results in Table 2. Key Observations: The prevailing tool in collecting network traffic from IoT devices has been Wireshark. The primary method in recent work has been analyzing static network traffic transmitted from a collection of local devices (also performed using Wireshark). While past work has been centered around network traffic and data from Shodan, we have expanded our
