Volume 8 Number 11 (Nov. 2013)
Home > Archive > 2013 > Volume 8 Number 11 (Nov. 2013) >
JSW 2013 Vol.8(11): 2761-2769 ISSN: 1796-217X
doi: 10.4304/jsw.8.11.2761-2769

An Efficient Method for Scheduling Massive Vulnerability Scanning Plug-ins

Yulong Wang, Nan Li
State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China

Abstract—More and more security vulnerabilities were found in network softwares nowadays, making network security assessment one of the most important tasks for IT administrators. Vulnerability scanner is the key application for fulfilling such tasks. However, large numbers of vulnerabilities result in even larger number of vulnerability plug-ins including common plug-ins and specific plug-ins, which may involve complex dependencies. Therefore, how to schedule such large number of plug-ins in an efficient manner is a key problem for improving the performance of vulnerability scanners. We analyze the current algorithms and find that they doesn’t take the dependencies into consideration or doesn’t handle it properly, which would waste a considerable CPU time for scanning. This paper proposes an efficient plug-in scheduling algorithm based on DAG graph. We formalize plug-in scheduling as a tree-like topological sorting problem using DAG theory, in which multi-thread is treated as task lines and all plug-ins are deployed on the task lines. Each task line is occupied by the plug-ins for a period of executing time and waiting time. By constructing the DAG graph of all plug-ins and computing their “height” value, sorting the plug-ins and aligning them to a linked list for scheduling, we solve the plug-in dependency problem properly, therefore eliminate the possibilities that nonready plug-ins being scheduled to execute. We carry out experiments to validate the effectiveness of our algorithm.

Index Terms—Security vulnerability, plug-in scheduling, plug-in dependency, topological sorting.

[PDF]

Cite: Yulong Wang, Nan Li, "An Efficient Method for Scheduling Massive Vulnerability Scanning Plug-ins," Journal of Software vol. 8, no. 11, pp. 2761-2769, 2013.

General Information

ISSN: 1796-217X (Online)
Frequency:  Bimonthly (Since 2020)
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsw@iap.org
  • Apr 26, 2021 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Jun 22, 2020 News!

    Papers published in JSW Vol 14, No 1- Vol 15 No 4 have been indexed by DBLP     [Click]

  • Sep 13, 2021 News!

    The papers published in Vol 16, No 6 have all received dois from Crossref    [Click]

  • Jan 28, 2021 News!

    [CFP] 2021 the annual meeting of JSW Editorial Board, ICCSM 2021, will be held in Rome, Italy, July 21-23, 2021   [Click]

  • Sep 13, 2021 News!

    Vol 16, No 6 has been published with online version     [Click]