PATCHING- TO AUTOMATE OR NOT ? A PRESENTATION BY ARCHITHA REDDY MANDADI NEW ENGLAND COLLEGE WHAT IS PATCHING IN SOFTWARE • Patching is the process of repairing various software issues to ensure that the vulnerabilities are contained and that the software is safe for the computer users. • A patch is therefore the a set of the changes that is designed to fix the various issues of a software, update the software, or even improve it. • With the current times where there are many security issues with software like viruses and worm, patching is crucial. • Patching is mostly perceived as way of strengthening the security of software. ACTIVITIES INVOLVED IN PATCHING • Scanning – identifying the possible issues in a software or system • Analysis- investigating the nature of the problem existing • Testing- checking the suitability of the patches available • deployment- applying the patches • Configuration – configuring the patches. APPLICATION OF PATCHING • Patching can be applied in various software including the operating systems to ensure that the various vulnerabilities can be easily fixed. • Patching involves providing the advanced and recent updates to the system for stability in the usage of a software. • Patching is crucial in ensuring compatibility in various programs like the video gaming. TO AUTOMATE OR NOT ? • Automatic patching is preferable over the manual intervention. • Automatic patching involves a strategy where the patches can be installed in a person’s computer where the servers checks and updates itself without any intervention of a human being. • On the contrary, the manual patching involves a person manually logging in to system or server, downloads the patches and install the patches. Meaning that, the patching cannot occur without the intervention of a person FACTORS TO CONSIDER WHEN DECIDING WHETHER TO AUTOMATE OR NOT • Stability for the software- the software should be stable enough • Security- the security of the software determines how the patching would be done. • Compatibility- the updates should be easily compatible with the software without any complications • Policing – there are always policies to be considered for automatic patching since the users are also involved. WHY CHOOSE AUTOMATIC PATCHING? • Security- the security issues like worms cannot be predicted. Therefore, the matter of heightening the level of security, it is prudent to have automatic patching which can be programmed to be even daily. Manual patching may be more risky because the computer users may forget to update. The existence of the automatic patching eliminate the possibilities that it is possible to forget to update the system. This puts a system under high risks of attacks and vulnerabilities WHY CHOOSE AUTOMATIC PATCHING?...CONTINUED • Improving the productivity – it well-know that automation improves productivity. Automation eliminates the need of having the intervention of human which may be slow and ineffective in some cases. The automation ensures that a large number of software can be updated at simultaneously. It would take a lot of people to update all the system in a company for instance. In return, a lot of money would be wasted. Automatic patching is economical. WHY CHOOSE AUTOMATIC PATCHING?...CONTINUED • The users- before deciding whether to choose the automatic patching, it is crucial to consider the opinion of the users. Some users would wish to do the automatic patching themselves. • Eliminating the faults of human- automation ensures that various faults like forgetting are eliminated. WHY CHOOSE AUTOMATIC PATCHING?...CONTINUED • The frequency of the patches release- where the patches are to be updated more frequently, it is prudent to have automatic patching. • Compliancy- it is crucial to comply with the standards of developing a software. Also, before choosing whether to automate or not, it is crucial to consider whether the users agrees to it. EXAMPLE OF AUTOMATIC PATCHES • Microsoft windows deploys the automatic patches to disseminates its automatic updates to its users. • The automatic applications of the Microsoft windows update eliminated the need of having the manual updates of the operating system • The automatic updates helps the company to send important updates, fix the operating system error issues, and updgrading ADVANTAGES OF AUTOMATING PATCHING • The patches can be installed even at night when the users is not using the system • Help to avoid unpredicted major security issues • It saves time • It is economical- no experts needed • It is easy for the users • It is a proactive method DISADVANTAGES OF AUTOMATED PATCHING • One can easily lose track of the changes made. • It may result to some incompatibility issues • It may cause system interruptions in some cases METRICS OF EFFECTIVENESS IN AUTOMATIC PATCHING • Speed if dissemination – the patches should be disseminated as fast as possible and as wide as possible. • Compatibility- the patches should be compatible with the software. The updated updates should not corrupt the software or overwhelms it • Time- the frequency of the patching should be favorable in such a way that it is possible to counter upcoming issues like malicious programs generated. DEPLOYMENT OF PATCHES • Scheduled- an administrator can trigger the process at a specific desirable time • System based- the patches are installed based on the system settings mostly when the patches are missing. • Automated- the process of installation of the patches reccurs. AUTOMATIC PATCHING MANAGEMENT • A patching management is the process by which the latest patches are installed in a system or software. • The aim of the patching management is to ensure that the patching process is done correctly. • Under the patch management, some testing may be done to verify the effectiveness of the patching process. • The process works by having some installation agents in a system. BASIC STEPS IN PATCH MANAGEMENT • Scan the software • Identify the issues • Categorize the issue and the possible solutions • Patch testing • deployment • Configuration • Reporting THE ESSENTIALS OF AN EFFECTIVE AUTOMATIC PATCHING • Comprehensive scanning- the automatic patching must scan the entire system or network to identify what needs to be fixed, improved, or updated • Efficient patch deployment – the patches must be deployed correctly in regard to the system requirement or bandwidth of a system • Reporting- a good automatic patch resource should provide a detailed report about the patching CONCLUSION • Automatic patching is better than the manual patching • Automating the patching ensure that the human intervention is eliminated. Hence, the patching can be done routinely and at any time. • There are some requirements for a good patching strategy. an automatic patching should not collide with the system or result to compatibility issues • The essence of patching is to improve the security and overall performance of a software through the availability of patches REFERENCES • Brumley, D., Poosankam, P., Song, D., & Zheng, J. (2008, May). Automatic patch-based exploit generation is possible: Techniques and implications. In 2008 IEEE Symposium on Security and Privacy (sp 2008) (pp. 143-157). IEEE. • Gkantsidis, C., Karagiannis, T., & VojnoviC, M. (2006). Planet-scale software updates. Acm sigcomm computer communication review, 36(4), 423-434. • Kim, D., Nam, J., Song, J., & Kim, S. (2013, May). Automatic patch generation learned from human-written patches. In Proceedings of the 2013 International Conference on Software Engineering (pp. 802-811). IEEE Press. • Sidiroglou, S., & Keromytis, A. D. (2005). Countering network worms through automatic patch generation. IEEE Security & Privacy, 3(6), 41-49. • VojnoviĆ, M., & Ganesh, A. (2005, November). On the effectiveness of automatic patching. In Proceedings of the 2005 ACM workshop on Rapid malcode (pp. 41-50). ACM. PATCHING- TO AUTOMATE OR NOT ? WHAT IS PATCHING IN SOFTWARE • Patching is the process of repairing various software issues to ensure that the vulnerabilities are contained and that the software is safe for the computer users. • A patch is therefore the a set of the changes that is designed to fix the various issues of a software, update the software, or even improve it. • With the current times where there are many security issues with software like viruses and worm, patching is crucial. • Patching is mostly perceived as way of strengthening the security of software. ACTIVITIES INVOLVED IN PATCHING • Scanning – identifying the possible issues in a software or system • Analysis- investigating the nature of the problem existing • Testing- checking the suitability of the patches available • deployment- applying the patches • Configuration – configuring the patches. APPLICATION OF PATCHING • Patching can be applied in various software including the operating systems to ensure that the various vulnerabilities can be easily fixed. • Patching involves providing the advanced and recent updates to the system for stability in the usage of a software. • Patching is crucial in ensuring compatibility in various programs like the video gaming. TO AUTOMATE OR NOT ? • Automatic patching is preferable over the manual intervention. • Automatic patching involves a strategy where the patches can be installed in a person’s computer where the servers checks and updates itself without any intervention of a human being. • On the contrary, the manual patching involves a person manually logging in to system or server, downloads the patches and install the patches. Meaning that, the patching cannot occur without the intervention of a person FACTORS TO CONSIDER WHEN DECIDING WHETHER TO AUTOMATE OR NOT • Stability for the software- the software should be stable enough • Security- the security of the software determines how the patching would be done. • Compatibility- the updates should be easily compatible with the software without any complications • Policing – there are always policies to be considered for automatic patching since the users are also involved. WHY CHOOSE AUTOMATIC PATCHING? • Security- the security issues like worms cannot be predicted. Therefore, the matter of heightening the level of security, it is prudent to have automatic patching which can be programmed to be even daily. Manual patching may be more risky because the computer users may forget to update. The existence of the automatic patching eliminate the possibilities that it is possible to forget to update the system. This puts a system under high risks of attacks and vulnerabilities WHY CHOOSE AUTOMATIC PATCHING?...CONTINUED • Improving the productivity – it well-know that automation improves productivity. Automation eliminates the need of having the intervention of human which may be slow and ineffective in some cases. The automation ensures that a large number of software can be updated at simultaneously. It would take a lot of people to update all the system in a company for instance. In return, a lot of money would be wasted. Automatic patching is economical. WHY CHOOSE AUTOMATIC PATCHING?...CONTINUED • The users- before deciding whether to choose the automatic patching, it is crucial to consider the opinion of the users. Some users would wish to do the automatic patching themselves. • Eliminating the faults of human- automation ensures that various faults like forgetting are eliminated. WHY CHOOSE AUTOMATIC PATCHING?...CONTINUED • The frequency of the patches release- where the patches are to be updated more frequently, it is prudent to have automatic patching. • Compliancy- it is crucial to comply with the standards of developing a software. Also, before choosing whether to automate or not, it is crucial to consider whether the users agrees to it. EXAMPLE OF AUTOMATIC PATCHES • Microsoft windows deploys the automatic patches to disseminates its automatic updates to its users. • The automatic applications of the Microsoft windows update eliminated the need of having the manual updates of the operating system • The automatic updates helps the company to send important updates, fix the operating system error issues, and updgrading ADVANTAGES OF AUTOMATING PATCHING • The patches can be installed even at night when the users is not using the system • Help to avoid unpredicted major security issues • It saves time • It is economical- no experts needed • It is easy for the users • It is a proactive method DISADVANTAGES OF AUTOMATED PATCHING • One can easily lose track of the changes made. • It may result to some incompatibility issues • It may cause system interruptions in some cases METRICS OF EFFECTIVENESS IN AUTOMATIC PATCHING • Speed if dissemination – the patches should be disseminated as fast as possible and as wide as possible. • Compatibility- the patches should be compatible with the software. The updated updates should not corrupt the software or overwhelms it • Time- the frequency of the patching should be favorable in such a way that it is possible to counter upcoming issues like malicious programs generated. DEPLOYMENT OF PATCHES • Scheduled- an administrator can trigger the process at a specific desirable time • System based- the patches are installed based on the system settings mostly when the patches are missing. • Automated- the process of installation of the patches reccurs. AUTOMATIC PATCHING MANAGEMENT • A patching management is the process by which the latest patches are installed in a system or software. • The aim of the patching management is to ensure that the patching process is done correctly. • Under the patch management, some testing may be done to verify the effectiveness of the patching process. • The process works by having some installation agents in a system. BASIC STEPS IN PATCH MANAGEMENT • Scan the software • Identify the issues • Categorize the issue and the possible solutions • Patch testing • deployment • Configuration • Reporting THE ESSENTIALS OF AN EFFECTIVE AUTOMATIC PATCHING • Comprehensive scanning- the automatic patching must scan the entire system or network to identify what needs to be fixed, improved, or updated • Efficient patch deployment – the patches must be deployed correctly in regard to the system requirement or bandwidth of a system • Reporting- a good automatic patch resource should provide a detailed report about the patching CONCLUSION • Automatic patching is better than the manual patching • Automating the patching ensure that the human intervention is eliminated. Hence, the patching can be done routinely and at any time. • There are some requirements for a good patching strategy. an automatic patching should not collide with the system or result to compatibility issues • The essence of patching is to improve the security and overall performance of a software through the availability of patches REFERENCES • Brumley, D., Poosankam, P., Song, D., & Zheng, J. (2008, May). Automatic patch-based exploit generation is possible: Techniques and implications. In 2008 IE E E S ympos ium on S ecurity a nd P riva cy (s p 2008) (pp. 143-157). IEEE. • Gkantsidis, C., Karagiannis, T., & VojnoviC, M. (2006). Planet-scale software updates. Acm s ig comm computer communica tion review, 36 (4), 423-434. • Kim, D., Nam, J., Song, J., & Kim, S. (2013, May). Automatic patch generation learned from human-written patches. In P roceeding s of the 2013 Interna tiona l Conference on S oftwa re E ng ineering (pp. 802-811). IEEE Press. • Sidiroglou, S., & Keromytis, A. D. (2005). Countering network worms through automatic patch generation. IE E E S ecurity & P riva cy , 3 (6), 41-49. • VojnoviĆ, M., & Ganesh, A. (2005, November). On the effectiveness of automatic patching. In P roceeding s of the 2005 ACM works hop on R a pid ma lcode (pp. 41-50). ACM. Brumley, D., Poosankam, P., Song, D., & Zheng, J. (2008, May). Automatic patch-based exploit generation is possible: Techniques and implications. In 2008 IEEE Symposium on Security and Privacy (sp 2008) (pp. 143-157). IEEE. In this journal, the author proposes the techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for 5 Microsoft programs based upon patches provided via Windows Update. A key concern when discussing the techniques is the security of the system. The authors use the example of the Windows operating system updates to expound on the automatic patching methods. Most of the aspects of automatic patching lie design, algorithms, and general construction of the programs for automatic patching has been sufficiently described. Also, the author critiqued the current patching of the windows update, among other patching techniques. These bring forth a good understanding of automatic patching to the readers. This article is resourceful. The lengthy and comprehensive description of how automatic patching occurs makes it easier for the reader to understand what automatic patching and why we need automatic patching. The credibility of the article is based on the fact that it is referenced and discusses the common example of updates like the Windows which makes it easier for the reader to relate. The article is well organized and various subheading tells of what the authors found in their research and their conclusion. When trying to understand what automatic patching entails, this can be a helpful resource. Gkantsidis, C., Karagiannis, T., & VojnoviC, M. (2006). Planet-scale software updates. Acm sigcomm computer communication review, 36(4), 423-434. Automatic patching is commonly perceived as the automatic updates provided by various companies like Microsoft. Gkantsidis, Karagiannis, and VojnoviC (2006) discusses the software updates. The analysis of the software updates presented in this article is articulated in the sense that the automatic updates are a core example of automatic patching. The researchers discuss the benefits of having the system updates to deal with issues of system failures and system security issues. The author insists that automatic schemes of patching are far much advantageous over the manual intervention mostly when dealing with computer security issues. The good thing with the article is that the scholars let us see the real application of automatic patching-automatic system updates. With an example of Microsoft automatic updates, this article makes it easier for the reader to understand what it entails to have automatic updates. Most importantly, it discusses why we need automatic patching. The article is credible and hence resourceful. Kim, D., Nam, J., Song, J., & Kim, S. (2013, May). Automatic patch generation learned from human-written patches. In Proceedings of the 2013 International Conference on Software Engineering (pp. 802-811). IEEE Press. Kim et al. (2013), in their research-based journal proposed for a novel automatic patch generation technique using fix templates derived from common fix patterns. The authors say that the automatic patching has been a key in the computing evolution. Automatic patching is depicted as the best option to ensure that the computer users can get timely help fixing the computer issues they may face. It is also clear from the article that there has been an increase in the automatic patching done to various software. The authors also discuss how the automatic patching if suitable for genetic programming among other modern computing techniques. Some example application of automatic patching like SYDIT has been availed to depict the application and benefit of automatic patching. The journal is based on research. The information presented in the article is based on the most recent development in the field of computing. Therefore, most of the data presented are relevant to the present times of computing. There is a lot of information to learn from the article including the different examples of automatic patching. This article is resourceful when trying to understand the reason to choose automatic patching. Sidiroglou, S., & Keromytis, A. D. (2005). Countering network worms through automatic patch generation. IEEE Security & Privacy, 3(6), 41-49. The article focusses on how automatic patching can be used as the best approach to deal with various threats like the worm attacks. The author insists on the need to have automatic approaches to dealing with computer security issues. The automatic patching is described as the panacea to dealing with the network worms that attacks when the network users least expect. Among the benefits stated are; (a)low impact on application performance, (b) its ability to respond to attacks without human intervention, and (c) its capacity to deal with zero-day worms. The automatic patching is regarded as a secure way of handling security and other problems associated with the network. This article is credible and discusses important facts that a network administrator should know. The referencing of all the facts makes everything appear credible. It has discussed the benefits of patching making the article relevant in a debate to prove that automatic patching is better than other manual approaches. When discussing the issues relevant to automatic patching and networks application, this is a crucial resource to use. VojnoviĆ, M., & Ganesh, A. (2005, November). On the effectiveness of automatic patching. In Proceedings of the 2005 ACM workshop on Rapid malcode (pp. 41-50). ACM. In this journal, VojnoviĆ and Ganesh (2005) discuss the effectiveness of having automatic patching. The two scholars talked about the effectiveness of filtering in reducing worm infection rate, the effectiveness in filtering, ability to install the feature to an end-host computer, and the speed of automatic patching. Essentially, the researcher aimed at presenting the benefits of automatic patching though they did not cover all the benefits associated with the automatic patching. The information provided by the scholars is based on the tests and researches they conducted. A major concern was based on the fact that computer software attacks like worms are prevalent and there is a need to deal with the issue where patching is preferable. The researcher concluded that quick and effective dissemination of patches, which can be done through automatic patching, is crucial in containing various software attacks like worms. This credible source is resourceful. It explains the benefits of automatic patching. Most importantly, the information presented is based on research. The article is credible in the sense that all theoretical information is references and the data presented is based research rather than mere speculations. This article is usable when proving that patching should be automatic.
Purchase answer to see full attachment