What vulnerability do we need to patch first?

Jin B. Hong, Dong Seong Kim, Abdelkrim Haqiq

Research output: Chapter in Book/Conference paperConference paperpeer-review

18 Citations (Scopus)

Abstract

Computing a prioritized set of vulnerabilities to patch is important for system administrators to determine the order of vulnerabilities to be patched that are more critical to the network security. One way to assess and analyze security to find vulnerabilities to be patched is to use attack representation models (ARMs). However, security solutions using ARMs are optimized for only the current state of the networked system. Therefore, the ARM must reanalyze the network security, causing multiple iterations of the same task to obtain the prioritized set of vulnerabilities to patch. To address this problem, we propose to use importance measures to rank network hosts and vulnerabilities, then combine these measures to prioritize the order of vulnerabilities to be patched. We show that nearly equivalent prioritized set of vulnerabilities can be computed in comparison to an exhaustive search method in various network scenarios, while the performance of computing the set is dramatically improved, while equivalent solutions are computed in various network scenarios.

Original languageEnglish
Title of host publicationProceedings of the International Conference on Dependable Systems and Networks
Place of PublicationUnited States
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages684-689
Number of pages6
ISBN (Electronic)9781479922338
DOIs
Publication statusPublished - 18 Sep 2014
Externally publishedYes
Event44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014 - Atlanta, United States
Duration: 23 Jun 201426 Jun 2014

Conference

Conference44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014
Country/TerritoryUnited States
CityAtlanta
Period23/06/1426/06/14

Fingerprint

Dive into the research topics of 'What vulnerability do we need to patch first?'. Together they form a unique fingerprint.

Cite this