A system with efficient security tools is not secured if its operating system is vulnerable. Various security enhancements for operating systems provide different security levels and profiles. Administrators have to choose the appropriate level or profile of protection for their systems. Our work attempts to systematically quantify the level of vulnerability for operating systems with a profiling scheme based on the severity of the attack as listed in the CVE. Linux, due to its open source nature, is used as a case study. Vanilla Linux, Linux with hardening, and Linux with LSM enhancement, are profiled and compared.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.