populate teaching/topics/ with available topics
[homepage.git] / teaching / topics / 03-windows-of-vulnerability.mdwn
1 <span class="strike">**Title**: *Windows of Vulnerability (WoVs)*</span>
2
3 **Description**: design and implement a forensic tool capable of reviewing the
4 upgrade history of a Debian(-like) distribution with respect to the history of
5 publicly known software vulnerabilities (e.g., CVEs, NVD, etc). The output of
6 the tool should be a series of time intervals, stating to which vulnerabilities
7 the machine might have been exposed in the past, and for how long it has been
8 the case.
9
10 **Technologies**:
11
12 - Debian administration (see, e.g., [handbook](http://debian-handbook.info/))
13 - Security standards:
14   - [CVE](https://cve.mitre.org/data/downloads/)
15   - [CPE](http://scap.nist.gov/specifications/cpe/)
16   - [CVRF](http://www.icasi.org/cvrf)
17 - [Debian security tracker](https://security-tracker.debian.org/tracker/)
18
19 **Supervisors**:
20
21 - [Gabriele D'Angelo](http://www.cs.unibo.it/~gdangelo) 
22 - [Stefano Zacchiroli](http://upsilon.cc/~zack)
23
24 **Status**: taken