SCAP compliant android vulnerability scanner
Loading...
Links to Files
Permanent Link
Collections
Author/Creator
Author/Creator ORCID
Date
2017-01-01
Department
Computer Science and Electrical Engineering
Program
Computer Science
Citation of Original Publication
Rights
This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please see http://aok.lib.umbc.edu/specoll/repro.php or contact Special Collections at speccoll(at)umbc.edu
Distribution Rights granted to UMBC by the author.
Distribution Rights granted to UMBC by the author.
Subjects
Abstract
This theses attempts to explain the SCAP compliance of a preliminary vulnerability scanner which is in the form of an OVAL interpreter (and thus, SCAP compliant) , which scans for vulnerabilities reported because of the telephony feature in android, in the year 2016 as reported in the national vulnerability database (NVD). The implementation of the scanner is achieved by attempting to write an OVAL definition file, which when evaluated against a system characteristics file , produces an OVAL results file. The result file thus generated is in a standard form , which can be understood and interpreted by other SCAP compliant scanners as well, thus ensuring interoperability and standardization.