Repository for IEEE CSR 23 Submission
- Navigate to /backend
- Run the command: flask --app cpe_scores run --port 10101
- GET http://127.0.0.1:10101/ Returns a copy of this readme in HTML format.
- GET http://127.0.0.1:10101/snapshot/ Returns a list of all snapshots currently loaded on the system, in JSON format.
- GET http://127.0.0.1:10101/snapshot/<snapshot_id> Returns a list of all hosts present in the snapshot, in JSON format.
- GET http://127.0.0.1:10101/host/<snapshot_id>/<host_id> Returns a list of all platforms and CVEs of the (snapshot, host) tuple, along with their scores and validation status, in JSON format.
- GET http://127.0.0.1:10101/platform/<snapshot_id>/<host_id>/<platform_id> Returns the validation status and scoring of a (snapshot, host, platform) tuple, in JSON format.
- PUT http://127.0.0.1:10101/platform/<snapshot_id>/<host_id>/<platform_id> Sets the validation status of a (snapshot, host, platform) tuple. Uses the payload {"validated": "confirmed"} in the Body. Accepted values for "validated" are: "unknown", "confirmed" and "discarded". Returns the same response as the GET on this route.
The first task is to run the server using Flask and Python 3.
Once the server is up, use a client, such as Postman, to send HTTP requests.
In particular, use GET http://127.0.0.1:10101/snapshot/ to get a list of all available snapshot_id values.
Then, use GET http://127.0.0.1:10101/snapshot/<snapshot_id> to get a list of all available host_id values.
Lastly, use GET http://127.0.0.1:10101/platform/<snapshot_id>/<host_id>/<platform_id> as the main function to inspect the validator's internal status for the chosen host: the platforms, their scores according to multiple scoring criteria (in our paper we referred to what the application exposes as the "sum" score, but we are also experimenting with other scoring strategies), their validation status (unknown, confirmed, discarded), and the vulnerabilities with their validation status (unknown, confirmed, discarded).
Once you have selected a platform_id to confirm or discard, use PUT http://127.0.0.1:10101/platform/<snapshot_id>/<host_id>/<platform_id> with the payload {"validated": "confirmed"} or {"validated": "discarded"} in the Body to confirm or discard the platform from the host.
The validator will now recalculate all the scores and vulnerability validation statuses, which will need to be fetched again using GET http://127.0.0.1:10101/platform/<snapshot_id>/<host_id>/<platform_id>.
And thus, the cycle continues at the operator's will.
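The cycle described above as a small Python client. This is an added example, not code from this repository: the function names are hypothetical, and sending the PUT body with a `Content-Type: application/json` header is an assumption about how the server reads it.

```python
import json
import urllib.request
from urllib.parse import quote

BASE_URL = "http://127.0.0.1:10101"  # port from the flask run command
ALLOWED = ("unknown", "confirmed", "discarded")  # values the PUT accepts

def build_url(base, *parts, trailing_slash=False):
    """Join path segments, percent-encoding each id so it stays one segment."""
    path = "/".join(quote(str(p), safe="") for p in parts)
    return f"{base}/{path}" + ("/" if trailing_slash else "")

def call(method, url, payload=None, timeout=10):
    """Send one request and decode the JSON reply."""
    data = None if payload is None else json.dumps(payload).encode()
    req = urllib.request.Request(url, data=data, method=method)
    if data is not None:
        # Assumption: the server reads the body as JSON.
        req.add_header("Content-Type", "application/json")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)

def list_snapshots(base=BASE_URL):
    return call("GET", build_url(base, "snapshot", trailing_slash=True))

def list_hosts(snapshot_id, base=BASE_URL):
    return call("GET", build_url(base, "snapshot", snapshot_id))

def get_platform(snapshot_id, host_id, platform_id, base=BASE_URL):
    return call("GET", build_url(base, "platform", snapshot_id, host_id, platform_id))

def set_validation(snapshot_id, host_id, platform_id, status, base=BASE_URL):
    """Confirm or discard a platform, then re-fetch the recalculated scores."""
    if status not in ALLOWED:
        # Fail before anything is sent to the validator.
        raise ValueError(f"validated must be one of {ALLOWED}, got {status!r}")
    url = build_url(base, "platform", snapshot_id, host_id, platform_id)
    call("PUT", url, {"validated": status})
    return get_platform(snapshot_id, host_id, platform_id, base)
```

Each function returns the decoded JSON reply unchanged, so the operator can inspect scores and statuses between calls to `set_validation`.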
For more information, refer to our paper.
If you are planning on using our tool in your research, we would be grateful if you can consider referencing it using the following BibTeX entry:
@inproceedings{SemiApproach-CSR23,
author = {Bonomi, Silvia and Cuoci, Marco and Lenti, Simone},
title = {A Semi-automatic Approach for Enhancing the Quality of Automatically Generated Inventories},
booktitle = {Proceedings of the 2023 IEEE International Conference on Cyber Security and Resilience (CSR 23)},
series = {IEEE CSR '23},
year = {2023}
}