Vulnerability Selection for Remediation: An Empirical Analysis-Reference-Cited by-同舟云学术

Vulnerability Selection for Remediation: An Empirical Analysis

Published:2019-09-17 Issue: Volume: Page:154851291987412
ISSN:1548-5129
Container-title:The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology
language:en
Short-container-title:Journal of Defense Modeling & Simulation

Author:

Shah Ankit¹^ORCID,Farris Katheryn A.²,Ganesan Rajesh³,Jajodia Sushil³

Affiliation:

1. University of South Florida, USA

2. Microsoft, Redmond, WA, USA

3. George Mason University, Fairfax, VA, USA

Abstract

Vulnerabilities are security flaws in software and network systems that criminal hackers can exploit to gain an asymmetric advantage. Cyber-Security Operations Centers must routinely triage and patch vulnerabilities in their system(s) to minimize external exposure to attackers. The personnel resources required to address vulnerability remediation tasks are limited and constrained, thus motivating the need for optimization approaches to improve the efficiency of the vulnerability selection process. This paper investigates two different approaches to vulnerability selection for mitigation through (a) Individual Attribute Value Optimization and (b) Multiple Attribute Value Optimization. The former approach presents a methodology that optimizes the selection of vulnerabilities for mitigation with respect to an individual attribute, while the latter approach considers multiple attributes in the vulnerability selection decision-making. Real scan data from a Cyber-Security Operations Center are used to compare the results between the two mathematical approaches. Furthermore, comparisons are made with the results obtained from (a) the actual (baseline) Cyber-Security Operations Center performance, and (b) a vulnerability prioritization algorithm called VULCON that appeared in recent literature.

Funder

Office of Naval Research

Army Research Office

Publisher

SAGE Publications

Subject

Engineering (miscellaneous),Modelling and Simulation

Link

http://journals.sagepub.com/doi/pdf/10.1177/1548512919874129

Reference16 articles.

1. Mell P, Scarfone K, Romanosky S. A complete guide to the common vulnerability scoring system version 2.0, https://www.first.org/cvss/v2/cvss-v2-guide.pdf (2007, accessed 29 September 2017).

2. Wynn J, Whitmore J, Upton G, et al. Threat assessment and remediation process. Technical Report Project No. W15P7T-10-C-F600, MITRE, October, 2011.

3. Security Patch Management: Share the Burden or Share the Damage?

Cited by 11 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Alert Prioritisation in Security Operations Centres: A Systematic Survey on Criteria and Methods;ACM Computing Surveys;2024-09-14

2. A Methodical Approach to Exploiting Vulnerabilities and Countermeasures Using AI;Advances in Digital Crime, Forensics, and Cyber Terrorism;2024-09-13

3. Applied Machine Learning for Information Security;Digital Threats: Research and Practice;2024-03-31

4. Statistical modeling of cargo securing on selected military trucks and road surfaces;The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology;2024-01-23

5. Automated Patch Management: An Empirical Evaluation Study;2023 IEEE International Conference on Cyber Security and Resilience (CSR);2023-07-31