What vulnerability do we need to patch first?

Jin B. Hong, Dong Seong Kim, Abdelkrim Haqiq

Research output: Chapter in Book/Conference paper › Conference paper

1 Citation (Scopus)

Abstract

Computing a prioritized set of vulnerabilities to patch is important for system administrators to determine the order of vulnerabilities to be patched that are more critical to the network security. One way to assess and analyze security to find vulnerabilities to be patched is to use attack representation models (ARMs). However, security solutions using ARMs are optimized for only the current state of the networked system. Therefore, the ARM must reanalyze the network security, causing multiple iterations of the same task to obtain the prioritized set of vulnerabilities to patch. To address this problem, we propose to use importance measures to rank network hosts and vulnerabilities, then combine these measures to prioritize the order of vulnerabilities to be patched. We show that a nearly equivalent prioritized set of vulnerabilities can be computed in comparison to an exhaustive search method in various network scenarios, while the performance of computing the set is dramatically improved and equivalent solutions are computed in various network scenarios.

Original language: English
Title of host publication: Proceedings of the International Conference on Dependable Systems and Networks
Place of Publication: United States
Publisher: IEEE, Institute of Electrical and Electronics Engineers
Pages: 684-689
Number of pages: 6
ISBN (Electronic): 9781479922338
DOIs: https://doi.org/10.1109/DSN.2014.68
Publication status: Published - 18 Sep 2014
Externally published: Yes
Event: 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014 - Atlanta, United States
Duration: 23 Jun 2014 to 26 Jun 2014

Conference

Conference: 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014
Country: United States
City: Atlanta
Period: 23/06/14 to 26/06/14

Fingerprint

Network security

Cite this

Hong, J. B., Kim, D. S., & Haqiq, A. (2014). What vulnerability do we need to patch first? In Proceedings of the International Conference on Dependable Systems and Networks (pp. 684-689). [6903625] United States: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/DSN.2014.68
@inproceedings{f56383d7aa0f42aba968d560ff00d770,
title = "What vulnerability do we need to patch first?",
keywords = "Attack Representation Model, Network Centrality, Security Analysis, Security Management, Security Metrics, Vulnerability Patch",
author = "Hong, {Jin B.} and Kim, {Dong Seong} and Abdelkrim Haqiq",
year = "2014",
month = "9",
day = "18",
doi = "10.1109/DSN.2014.68",
language = "English",
pages = "684--689",
booktitle = "Proceedings of the International Conference on Dependable Systems and Networks",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}
