next up previous contents
Next: Automation of vulnerability testing Up: The Future of Security Previous: The Future of Security   Contents

The need for better security

Figure 2: Vulnerabilities & Attacks evolution (source : CERT)
\includegraphics[height=3.6cm, width=6cm]{vulnerabilities.eps}
\includegraphics[height=3.6cm, width=6cm]{attacks.eps}

A positive observation is that network security is a very young idea. At the beginning of computer design noone had thought of security problems because noone had predicted the huge boom that would follow the birth of internet. Consequently, program designers were not taking care of bugs that could lead to potential security exploits. The first big incident that made people realise the importance of network security maybe was the 1988 Internet Worm[10, The Morris Worm] that paralysed >70% of the Internet (the discovery of Buffer Overflows also came as quite a shock). All this shows that the security issue is still quite young and still not fought by everyone (a proof is that Microsoft only started taking care of security problems a few years ago).
What's more, there are still millions of bugs and the number of vulnerable systems is growing, as is their complexity, so considering the importance of data processing nowadays it seems obvious that security audits will be even more needed in the future.


next up previous contents
Next: Automation of vulnerability testing Up: The Future of Security Previous: The Future of Security   Contents
Christian Vincenot 2004-04-12