PATCHING- TO
AUTOMATE OR NOT ?
A PRESENTATION BY
ARCHITHA REDDY MANDADI
NEW ENGLAND COLLEGE
WHAT IS PATCHING IN SOFTWARE
• Patching is the process of repairing various software issues to ensure that the
vulnerabilities are contained and that the software is safe for the computer users.
• A patch is therefore the a set of the changes that is designed to fix the various issues of a
software, update the software, or even improve it.
• With the current times where there are many security issues with software like viruses
and worm, patching is crucial.
• Patching is mostly perceived as way of strengthening the security of software.
ACTIVITIES INVOLVED IN PATCHING
• Scanning – identifying the possible issues in a software or system
• Analysis- investigating the nature of the problem existing
• Testing- checking the suitability of the patches available
• deployment- applying the patches
• Configuration – configuring the patches.
APPLICATION OF PATCHING
• Patching can be applied in various software including the operating systems to ensure
that the various vulnerabilities can be easily fixed.
• Patching involves providing the advanced and recent updates to the system for stability in
the usage of a software.
• Patching is crucial in ensuring compatibility in various programs like the video gaming.
TO AUTOMATE OR NOT ?
• Automatic patching is preferable over the manual intervention.
• Automatic patching involves a strategy where the patches can be installed in a person’s
computer where the servers checks and updates itself without any intervention of a
human being.
• On the contrary, the manual patching involves a person manually logging in to system or
server, downloads the patches and install the patches. Meaning that, the patching cannot
occur without the intervention of a person
FACTORS TO CONSIDER WHEN DECIDING
WHETHER TO AUTOMATE OR NOT
• Stability for the software- the software should be stable enough
• Security- the security of the software determines how the patching would be done.
• Compatibility- the updates should be easily compatible with the software without any
complications
• Policing – there are always policies to be considered for automatic patching since the
users are also involved.
WHY CHOOSE AUTOMATIC PATCHING?
• Security- the security issues like worms cannot be predicted. Therefore, the matter of
heightening the level of security, it is prudent to have automatic patching which can be
programmed to be even daily. Manual patching may be more risky because the computer
users may forget to update. The existence of the automatic patching eliminate the
possibilities that it is possible to forget to update the system. This puts a system under
high risks of attacks and vulnerabilities
WHY CHOOSE AUTOMATIC
PATCHING?...CONTINUED
• Improving the productivity – it well-know that automation improves productivity.
Automation eliminates the need of having the intervention of human which may be slow
and ineffective in some cases. The automation ensures that a large number of software
can be updated at simultaneously. It would take a lot of people to update all the system in
a company for instance. In return, a lot of money would be wasted. Automatic patching is
economical.
WHY CHOOSE AUTOMATIC
PATCHING?...CONTINUED
• The users- before deciding whether to choose the automatic patching, it is crucial to
consider the opinion of the users. Some users would wish to do the automatic patching
themselves.
• Eliminating the faults of human- automation ensures that various faults like forgetting are
eliminated.
WHY CHOOSE AUTOMATIC
PATCHING?...CONTINUED
• The frequency of the patches release- where the patches are to be updated more
frequently, it is prudent to have automatic patching.
• Compliancy- it is crucial to comply with the standards of developing a software. Also,
before choosing whether to automate or not, it is crucial to consider whether the users
agrees to it.
EXAMPLE OF AUTOMATIC PATCHES
• Microsoft windows deploys the automatic patches to disseminates its automatic updates
to its users.
• The automatic applications of the Microsoft windows update eliminated the need of
having the manual updates of the operating system
• The automatic updates helps the company to send important updates, fix the operating
system error issues, and updgrading
ADVANTAGES OF AUTOMATING PATCHING
• The patches can be installed even at night when the users is not using the system
• Help to avoid unpredicted major security issues
• It saves time
• It is economical- no experts needed
• It is easy for the users
• It is a proactive method
DISADVANTAGES OF AUTOMATED PATCHING
• One can easily lose track of the changes made.
• It may result to some incompatibility issues
• It may cause system interruptions in some cases
METRICS OF EFFECTIVENESS IN AUTOMATIC
PATCHING
• Speed if dissemination – the patches should be disseminated as fast as possible and as
wide as possible.
• Compatibility- the patches should be compatible with the software. The updated updates
should not corrupt the software or overwhelms it
• Time- the frequency of the patching should be favorable in such a way that it is possible
to counter upcoming issues like malicious programs generated.
DEPLOYMENT OF PATCHES
• Scheduled- an administrator can trigger the process at a specific desirable time
• System based- the patches are installed based on the system settings mostly when the
patches are missing.
• Automated- the process of installation of the patches reccurs.
AUTOMATIC PATCHING MANAGEMENT
• A patching management is the process by which the latest patches are installed in a
system or software.
• The aim of the patching management is to ensure that the patching process is done
correctly.
• Under the patch management, some testing may be done to verify the effectiveness of
the patching process.
• The process works by having some installation agents in a system.
BASIC STEPS IN PATCH MANAGEMENT
• Scan the software
• Identify the issues
• Categorize the issue and the possible solutions
• Patch testing
• deployment
• Configuration
• Reporting
THE ESSENTIALS OF AN EFFECTIVE AUTOMATIC
PATCHING
• Comprehensive scanning- the automatic patching must scan the entire system or
network to identify what needs to be fixed, improved, or updated
• Efficient patch deployment – the patches must be deployed correctly in regard to the
system requirement or bandwidth of a system
• Reporting- a good automatic patch resource should provide a detailed report about the
patching
CONCLUSION
• Automatic patching is better than the manual patching
• Automating the patching ensure that the human intervention is eliminated. Hence, the
patching can be done routinely and at any time.
• There are some requirements for a good patching strategy. an automatic patching should
not collide with the system or result to compatibility issues
• The essence of patching is to improve the security and overall performance of a software
through the availability of patches
REFERENCES
• Brumley, D., Poosankam, P., Song, D., & Zheng, J. (2008, May). Automatic patch-based exploit generation is
possible: Techniques and implications. In 2008 IEEE Symposium on Security and Privacy (sp 2008) (pp. 143-157).
IEEE.
• Gkantsidis, C., Karagiannis, T., & VojnoviC, M. (2006). Planet-scale software updates. Acm sigcomm computer
communication review, 36(4), 423-434.
• Kim, D., Nam, J., Song, J., & Kim, S. (2013, May). Automatic patch generation learned from human-written patches.
In Proceedings of the 2013 International Conference on Software Engineering (pp. 802-811). IEEE Press.
• Sidiroglou, S., & Keromytis, A. D. (2005). Countering network worms through automatic patch generation. IEEE
Security & Privacy, 3(6), 41-49.
• VojnoviĆ, M., & Ganesh, A. (2005, November). On the effectiveness of automatic patching. In Proceedings of the
2005 ACM workshop on Rapid malcode (pp. 41-50). ACM.
PATCHING- TO
AUTOMATE OR NOT ?
WHAT IS PATCHING IN SOFTWARE
• Patching is the process of repairing various software issues to ensure that the
vulnerabilities are contained and that the software is safe for the computer users.
• A patch is therefore the a set of the changes that is designed to fix the various issues of a
software, update the software, or even improve it.
• With the current times where there are many security issues with software like viruses
and worm, patching is crucial.
• Patching is mostly perceived as way of strengthening the security of software.
ACTIVITIES INVOLVED IN PATCHING
• Scanning – identifying the possible issues in a software or system
• Analysis- investigating the nature of the problem existing
• Testing- checking the suitability of the patches available
• deployment- applying the patches
• Configuration – configuring the patches.
APPLICATION OF PATCHING
• Patching can be applied in various software including the operating systems to ensure
that the various vulnerabilities can be easily fixed.
• Patching involves providing the advanced and recent updates to the system for stability in
the usage of a software.
• Patching is crucial in ensuring compatibility in various programs like the video gaming.
TO AUTOMATE OR NOT ?
• Automatic patching is preferable over the manual intervention.
• Automatic patching involves a strategy where the patches can be installed in a person’s
computer where the servers checks and updates itself without any intervention of a
human being.
• On the contrary, the manual patching involves a person manually logging in to system or
server, downloads the patches and install the patches. Meaning that, the patching cannot
occur without the intervention of a person
FACTORS TO CONSIDER WHEN DECIDING
WHETHER TO AUTOMATE OR NOT
• Stability for the software- the software should be stable enough
• Security- the security of the software determines how the patching would be done.
• Compatibility- the updates should be easily compatible with the software without any
complications
• Policing – there are always policies to be considered for automatic patching since the
users are also involved.
WHY CHOOSE AUTOMATIC PATCHING?
• Security- the security issues like worms cannot be predicted. Therefore, the matter of
heightening the level of security, it is prudent to have automatic patching which can be
programmed to be even daily. Manual patching may be more risky because the computer
users may forget to update. The existence of the automatic patching eliminate the
possibilities that it is possible to forget to update the system. This puts a system under
high risks of attacks and vulnerabilities
WHY CHOOSE AUTOMATIC
PATCHING?...CONTINUED
• Improving the productivity – it well-know that automation improves productivity.
Automation eliminates the need of having the intervention of human which may be slow
and ineffective in some cases. The automation ensures that a large number of software
can be updated at simultaneously. It would take a lot of people to update all the system in
a company for instance. In return, a lot of money would be wasted. Automatic patching is
economical.
WHY CHOOSE AUTOMATIC
PATCHING?...CONTINUED
• The users- before deciding whether to choose the automatic patching, it is crucial to
consider the opinion of the users. Some users would wish to do the automatic patching
themselves.
• Eliminating the faults of human- automation ensures that various faults like forgetting are
eliminated.
WHY CHOOSE AUTOMATIC
PATCHING?...CONTINUED
• The frequency of the patches release- where the patches are to be updated more
frequently, it is prudent to have automatic patching.
• Compliancy- it is crucial to comply with the standards of developing a software. Also,
before choosing whether to automate or not, it is crucial to consider whether the users
agrees to it.
EXAMPLE OF AUTOMATIC PATCHES
• Microsoft windows deploys the automatic patches to disseminates its automatic updates
to its users.
• The automatic applications of the Microsoft windows update eliminated the need of
having the manual updates of the operating system
• The automatic updates helps the company to send important updates, fix the operating
system error issues, and updgrading
ADVANTAGES OF AUTOMATING PATCHING
• The patches can be installed even at night when the users is not using the system
• Help to avoid unpredicted major security issues
• It saves time
• It is economical- no experts needed
• It is easy for the users
• It is a proactive method
DISADVANTAGES OF AUTOMATED PATCHING
• One can easily lose track of the changes made.
• It may result to some incompatibility issues
• It may cause system interruptions in some cases
METRICS OF EFFECTIVENESS IN AUTOMATIC
PATCHING
• Speed if dissemination – the patches should be disseminated as fast as possible and as
wide as possible.
• Compatibility- the patches should be compatible with the software. The updated updates
should not corrupt the software or overwhelms it
• Time- the frequency of the patching should be favorable in such a way that it is possible
to counter upcoming issues like malicious programs generated.
DEPLOYMENT OF PATCHES
• Scheduled- an administrator can trigger the process at a specific desirable time
• System based- the patches are installed based on the system settings mostly when the
patches are missing.
• Automated- the process of installation of the patches reccurs.
AUTOMATIC PATCHING MANAGEMENT
• A patching management is the process by which the latest patches are installed in a
system or software.
• The aim of the patching management is to ensure that the patching process is done
correctly.
• Under the patch management, some testing may be done to verify the effectiveness of
the patching process.
• The process works by having some installation agents in a system.
BASIC STEPS IN PATCH MANAGEMENT
• Scan the software
• Identify the issues
• Categorize the issue and the possible solutions
• Patch testing
• deployment
• Configuration
• Reporting
THE ESSENTIALS OF AN EFFECTIVE AUTOMATIC
PATCHING
• Comprehensive scanning- the automatic patching must scan the entire system or
network to identify what needs to be fixed, improved, or updated
• Efficient patch deployment – the patches must be deployed correctly in regard to the
system requirement or bandwidth of a system
• Reporting- a good automatic patch resource should provide a detailed report about the
patching
CONCLUSION
• Automatic patching is better than the manual patching
• Automating the patching ensure that the human intervention is eliminated. Hence, the
patching can be done routinely and at any time.
• There are some requirements for a good patching strategy. an automatic patching should
not collide with the system or result to compatibility issues
• The essence of patching is to improve the security and overall performance of a software
through the availability of patches
REFERENCES
• Brumley, D., Poosankam, P., Song, D., & Zheng, J. (2008, May). Automatic patch-based exploit generation is
possible: Techniques and implications. In 2008 IE E E S ympos ium on S ecurity a nd P riva cy (s p 2008) (pp.
143-157). IEEE.
• Gkantsidis, C., Karagiannis, T., & VojnoviC, M. (2006). Planet-scale software updates. Acm s ig comm computer
communica tion review, 36 (4), 423-434.
• Kim, D., Nam, J., Song, J., & Kim, S. (2013, May). Automatic patch generation learned from human-written patches.
In P roceeding s of the 2013 Interna tiona l Conference on S oftwa re E ng ineering (pp. 802-811). IEEE Press.
• Sidiroglou, S., & Keromytis, A. D. (2005). Countering network worms through automatic patch generation. IE E E
S ecurity & P riva cy , 3 (6), 41-49.
• VojnoviĆ, M., & Ganesh, A. (2005, November). On the effectiveness of automatic patching. In P roceeding s of
the 2005 ACM works hop on R a pid ma lcode (pp. 41-50). ACM.
Brumley, D., Poosankam, P., Song, D., & Zheng, J. (2008, May). Automatic patch-based exploit
generation is possible: Techniques and implications. In 2008 IEEE Symposium on
Security and Privacy (sp 2008) (pp. 143-157). IEEE.
In this journal, the author proposes the techniques for automatic patch-based exploit
generation, and show that our techniques can automatically generate exploits for 5 Microsoft
programs based upon patches provided via Windows Update. A key concern when discussing the
techniques is the security of the system. The authors use the example of the Windows operating
system updates to expound on the automatic patching methods. Most of the aspects of automatic
patching lie design, algorithms, and general construction of the programs for automatic patching
has been sufficiently described. Also, the author critiqued the current patching of the windows
update, among other patching techniques. These bring forth a good understanding of automatic
patching to the readers.
This article is resourceful. The lengthy and comprehensive description of how automatic
patching occurs makes it easier for the reader to understand what automatic patching and why we
need automatic patching. The credibility of the article is based on the fact that it is referenced
and discusses the common example of updates like the Windows which makes it easier for the
reader to relate. The article is well organized and various subheading tells of what the authors
found in their research and their conclusion. When trying to understand what automatic patching
entails, this can be a helpful resource.
Gkantsidis, C., Karagiannis, T., & VojnoviC, M. (2006). Planet-scale software updates. Acm
sigcomm computer communication review, 36(4), 423-434.
Automatic patching is commonly perceived as the automatic updates provided by various
companies like Microsoft. Gkantsidis, Karagiannis, and VojnoviC (2006) discusses the software
updates. The analysis of the software updates presented in this article is articulated in the sense
that the automatic updates are a core example of automatic patching. The researchers discuss the
benefits of having the system updates to deal with issues of system failures and system security
issues. The author insists that automatic schemes of patching are far much advantageous over the
manual intervention mostly when dealing with computer security issues.
The good thing with the article is that the scholars let us see the real application of
automatic patching-automatic system updates. With an example of Microsoft automatic updates,
this article makes it easier for the reader to understand what it entails to have automatic updates.
Most importantly, it discusses why we need automatic patching. The article is credible and hence
resourceful.
Kim, D., Nam, J., Song, J., & Kim, S. (2013, May). Automatic patch generation learned from
human-written patches. In Proceedings of the 2013 International Conference on Software
Engineering (pp. 802-811). IEEE Press.
Kim et al. (2013), in their research-based journal proposed for a novel automatic patch
generation technique using fix templates derived from common fix patterns. The authors say that
the automatic patching has been a key in the computing evolution. Automatic patching is
depicted as the best option to ensure that the computer users can get timely help fixing the
computer issues they may face. It is also clear from the article that there has been an increase in
the automatic patching done to various software. The authors also discuss how the automatic
patching if suitable for genetic programming among other modern computing techniques. Some
example application of automatic patching like SYDIT has been availed to depict the application
and benefit of automatic patching.
The journal is based on research. The information presented in the article is based on the
most recent development in the field of computing. Therefore, most of the data presented are
relevant to the present times of computing. There is a lot of information to learn from the article
including the different examples of automatic patching. This article is resourceful when trying to
understand the reason to choose automatic patching.
Sidiroglou, S., & Keromytis, A. D. (2005). Countering network worms through automatic patch
generation. IEEE Security & Privacy, 3(6), 41-49.
The article focusses on how automatic patching can be used as the best approach to deal
with various threats like the worm attacks. The author insists on the need to have automatic
approaches to dealing with computer security issues. The automatic patching is described as the
panacea to dealing with the network worms that attacks when the network users least expect.
Among the benefits stated are; (a)low impact on application performance, (b) its ability to
respond to attacks without human intervention, and (c) its capacity to deal with zero-day worms.
The automatic patching is regarded as a secure way of handling security and other problems
associated with the network.
This article is credible and discusses important facts that a network administrator should
know. The referencing of all the facts makes everything appear credible. It has discussed the
benefits of patching making the article relevant in a debate to prove that automatic patching is
better than other manual approaches. When discussing the issues relevant to automatic patching
and networks application, this is a crucial resource to use.
VojnoviĆ, M., & Ganesh, A. (2005, November). On the effectiveness of automatic patching.
In Proceedings of the 2005 ACM workshop on Rapid malcode (pp. 41-50). ACM.
In this journal, VojnoviĆ and Ganesh (2005) discuss the effectiveness of having
automatic patching. The two scholars talked about the effectiveness of filtering in reducing worm
infection rate, the effectiveness in filtering, ability to install the feature to an end-host computer,
and the speed of automatic patching. Essentially, the researcher aimed at presenting the benefits
of automatic patching though they did not cover all the benefits associated with the automatic
patching. The information provided by the scholars is based on the tests and researches they
conducted. A major concern was based on the fact that computer software attacks like worms are
prevalent and there is a need to deal with the issue where patching is preferable. The researcher
concluded that quick and effective dissemination of patches, which can be done through
automatic patching, is crucial in containing various software attacks like worms.
This credible source is resourceful. It explains the benefits of automatic patching. Most
importantly, the information presented is based on research. The article is credible in the sense
that all theoretical information is references and the data presented is based research rather than
mere speculations. This article is usable when proving that patching should be automatic.
Purchase answer to see full
attachment