Automated Vulnerability Analysis Support Tool (AVAST)

With the speed and convenience of e-business comes considerable risk. Viruses, hackers, denial of service attacks, programming errors, stolen or destroyed databases – these and other electronic hazards can cause huge financial losses and damage to professional reputations.

AVAST is a network vulnerability analysis tool that combines information retrieval techniques and domain expertise to transform computer security data into organized information with predictive power. The AVAST tool relies on the production of a Taxonomy of Security Analysis Terms - a hierarchical classification of computer security terms - to parse relevant security characteristics from source documents, reduce them to uniform terminology, and group them in a manner meaningful for statistical and trend analysis. AVAST transforms the information from network vulnerability sources into vulnerability understanding. AVAST enables analysis of computer security vulnerability data by means of quantifying characteristics of known vulnerabilities. Using AVAST, an analyst can reduce data overload in the study of potential computer security dangers lurking in the future based on current and past trends, as well as generic classes of danger flags and preventative actions. AVAST provides additional functionality to handle classified processing, document cross-references, mapped drive sources, push data sources, creation of mutually exclusive data sets. AVAST falls in the category of traditional Vulnerability Analysis (VA) tools but it also allows for domain specificity, semi-automated update capability, customizable taxonomy for data extraction, and introduction of homogeneous terminology classifying vulnerability characteristics not found in current approaches. The approach will be useful for network security specialists who are performing vulnerability trend analyses, vulnerability assessments, and planning new system architectures. There may be applications for e-commerce insurance applications as well. This technology has a working prototype and is presently in use in the information assurance groups at APL.

Type of Offer: Licensing

Contact Patent Owner or Broker


Next Patent »
« More Computer Science Patents

Share on      

CrowdSell Your Patent