A master thesis from Aalborg University
SENTINEL - Automatic Dissemination and Discovery of Security Advisories with Web3
Author(s)
Term
4. term
Education
Publication year
2023
Submitted on
2023-06-07
Pages
130 pages
Abstract
The prevalence of software supply chain attacks has reached unprecedented levels, primarily due to the increasing reliance on software dependencies and the inherent vulnerabilities they harbor. Currently, vendors share security advisories to centralized databases or proprietary websites, which security engineers have to search manually to find vulnerabilities relevant for their system. Furthermore, the security advisories often do not follow a standard machine-readable format, which results in the engineers having to manually analyze the documents. In this report, SENTINEL, a novel solution for automating dissemination and discovery of security advisories using Web3 technologies, is proposed. A system test conducted on the Sepolia Ethereum Testnet confirm that SENTINEL is a functioning solution for securely disseminating and discovering security advisories utilizing a fully decentralized infrastructure.
Keywords
Web3 ; Cybersecurity ; Blockchain ; SENTINEL ; SBOM ; CSAF
Documents
Colophon: This page is part of the AAU Student Projects portal, which is run by Aalborg University. Here, you can find and download publicly available bachelor's theses and master's projects from across the university dating from 2008 onwards. Student projects from before 2008 are available in printed form at Aalborg University Library.
If you have any questions about AAU Student Projects or the research registration, dissemination and analysis at Aalborg University, please feel free to contact the VBN team. You can also find more information in the AAU Student Projects FAQs.