| CPC G06F 21/577 (2013.01) [G06F 2221/033 (2013.01)] | 5 Claims |

1. An evaluation apparatus comprising:
a memory storing instructions; and
one or more processors configured to execute the instructions to:
obtain application information related to an application being executed on a server;
obtain vulnerability information related to a vulnerability of the application and a library;
evaluate a risk degree from continuous execution of the application on the server, based on the application information, without stopping execution of the application on the server;
evaluate a risk level indicating the risk degree, based on the application information and the vulnerability information;
output an evaluation result of the risk degree; and
output a message and a countermeasure for avoiding the vulnerability, according to the risk level, wherein
the application information includes detail information of the application being executed on the server,
the detail information of the application includes an identifier of the application and detail information of the library called by the application,
the detail information of the library includes an identifier of the library and a function table in which a function called from the application is described,
the vulnerability information includes the identifier of the application and the library having the vulnerability, and vulnerability detail information in which content of the vulnerability is described,
the vulnerability detail information includes a vulnerability type determined based on the content of the vulnerability,
the one or more processors are configured to:
extract the application in which the identifier of the application included in the detail information of the application and the identifier of the application having the vulnerability included in the vulnerability information match;
generate application risk information including a first risk level indicating the risk degree from continuous execution of the extracted application, based on the vulnerability type of the vulnerability detail information corresponding to the extracted application;
extract the library in which the identifier of the library included in the detail information of the library and the identifier of the library having the vulnerability included in the vulnerability information match; and
determine whether or not the vulnerability described in the vulnerability detail information corresponding to the extracted library becomes apparent,
in the vulnerability detail information of the library, the function having the vulnerability is described as a defect function, and
the one or more processors are configured to:
when the defect function described in the vulnerability detail information of the extracted library is present in the function table of the detail information of the library corresponding to the extracted library, determine that the vulnerability becomes apparent;
when the vulnerability of the extracted library does not become apparent, assign a second risk level to the extracted library;
when the vulnerability of the extracted library becomes apparent, assign a third risk level having a value larger than the second risk level to the extracted library; and
generate library risk information including the second risk level or the third risk level.
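The claim above describes a two-stage evaluation: first, match the running application's identifier against the vulnerability information and derive a first risk level from the vulnerability type; second, match each library the application calls, and treat the library vulnerability as "apparent" only when the defect function named in the vulnerability detail information also appears in the function table of functions the application actually calls. The following is an added illustration of that flow in Python; it is not code from the patent or its applicant. The numeric risk levels, the mapping from vulnerability type to first risk level, the countermeasure texts, and all identifiers and function names in the sample input are assumptions constructed for the example, since the claim fixes none of them.

```python
"""Added illustration of the claimed evaluation flow (not the patent's code).

Assumed: numeric risk levels, the type-to-level mapping and the
countermeasure texts are placeholders; the patent specifies none of them.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass
class LibraryInfo:
    identifier: str
    function_table: Set[str]  # functions the application actually calls


@dataclass
class ApplicationInfo:
    identifier: str
    libraries: List[LibraryInfo] = field(default_factory=list)


@dataclass
class VulnerabilityInfo:
    identifier: str                        # affected application or library
    vuln_type: str                         # assumed vocabulary: rce/info_leak/dos
    defect_function: Optional[str] = None  # set for library vulnerabilities


# Assumed mapping of vulnerability type to the first risk level (1..3).
FIRST_RISK_BY_TYPE: Dict[str, int] = {"rce": 3, "info_leak": 2, "dos": 1}
SECOND_RISK = 1  # library vulnerable, but defect function is never called
THIRD_RISK = 3   # defect function present in the function table (apparent)

COUNTERMEASURES: Dict[int, str] = {
    3: "isolate the application and apply the fix immediately",
    2: "schedule the fix and restrict access to the affected path",
    1: "monitor; apply the fix in the next maintenance window",
}


def evaluate_application(app: ApplicationInfo,
                         vulns: List[VulnerabilityInfo]) -> List[dict]:
    """Application risk information: identifier match -> first risk level."""
    results = []
    for v in vulns:
        if v.identifier == app.identifier:
            level = FIRST_RISK_BY_TYPE.get(v.vuln_type, 1)
            results.append({"application": app.identifier, "risk_level": level})
    return results


def evaluate_libraries(app: ApplicationInfo,
                       vulns: List[VulnerabilityInfo]) -> List[dict]:
    """Library risk information: identifier match, then the reachability
    check. The vulnerability is 'apparent' only if the defect function is in
    the library's function table, i.e. the application really calls it."""
    results = []
    for lib in app.libraries:
        for v in vulns:
            if v.identifier != lib.identifier or v.defect_function is None:
                continue
            apparent = v.defect_function in lib.function_table
            level = THIRD_RISK if apparent else SECOND_RISK
            results.append({"library": lib.identifier,
                            "defect_function": v.defect_function,
                            "apparent": apparent, "risk_level": level})
    return results


def message_for(level: int) -> str:
    """Message plus countermeasure chosen according to the risk level."""
    return f"risk level {level}: {COUNTERMEASURES[level]}"


# Constructed sample input (identifiers and function names are invented).
APP = ApplicationInfo("web-frontend@1.4.2", [
    LibraryInfo("imagelib@2.0.1", {"decode_png", "resize"}),
    LibraryInfo("xmlparse@3.1.0", {"parse_string"}),
])
VULNS = [
    VulnerabilityInfo("web-frontend@1.4.2", "info_leak"),
    VulnerabilityInfo("imagelib@2.0.1", "rce", defect_function="decode_gif"),
    VulnerabilityInfo("xmlparse@3.1.0", "rce", defect_function="parse_string"),
]

if __name__ == "__main__":
    for r in evaluate_application(APP, VULNS) + evaluate_libraries(APP, VULNS):
        print(r, message_for(r["risk_level"]))
```

In the sample, `imagelib` carries a vulnerability in `decode_gif`, but the application only calls `decode_png` and `resize`, so the vulnerability does not become apparent and the library gets the lower second risk level; `xmlparse` is vulnerable in `parse_string`, which the application does call, so it receives the third risk level. The evaluation runs over collected application information only and never touches the running process, which is the "without stopping execution" property the claim requires.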