Abstract

Vulnerability remediation is a critical task in operational software and network security management. In this article, an effective vulnerability management strategy, called VULCON (VULnerability CONtrol), is developed and evaluated. The strategy is based on two fundamental performance metrics: (1) time-to-vulnerability remediation (TVR) and (2) total vulnerability exposure (TVE). VULCON takes as input real vulnerability scan reports, metadata about the discovered vulnerabilities, asset criticality, and personnel resources. VULCON uses a mixed-integer multiobjective optimization algorithm to prioritize vulnerabilities for patching, such that the above performance metrics are optimized subject to the given resource constraints. VULCON has been tested on multiple months of real scan data from a cyber-security operations center (CSOC). Results indicate an overall TVE reduction of 8.97% when VULCON optimizes a realistic security analyst workforce’s effort. Additionally, VULCON demonstrates that it can determine monthly resources required to maintain a target TVE score. As such, VULCON provides valuable operational guidance for improving vulnerability response processes in CSOCs.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A Two-Step Approach to Optimal Selection of Alerts for Investigation in a CSOC
Ankit Shah ... Hasan Cam
IEEE Transactions on Information Forensics and Security | VOL. 14
Ankit Shah, et. al.Ankit Shah ... Hasan Cam
01 Jul 2019
A metric-based framework for sustainable production scheduling
Amin Abedini ... I.S Jawahir
Journal of Manufacturing Systems | VOL. 54
Amin Abedini, et. al.Amin Abedini ... I.S Jawahir
24 Dec 2019
A Strategy for Effective Alert Analysis at a Cyber Security Operations Center
Rajesh Ganesan ... Ankit Shah
-
Rajesh Ganesan, et. al.Rajesh Ganesan ... Ankit Shah
01 Jan 2018
Vulnerability Selection for Remediation: An Empirical Analysis
Ankit Shah ... Sushil Jajodia
The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology | VOL. 19
Ankit Shah, et. al.Ankit Shah ... Sushil Jajodia
17 Sep 2019
View more papers

More From: ACM Transactions on Privacy and Security

Paper Title
Journal
Date
Author
Boost Your Immunity: VACCINE for Preventing a Novel Stealthy Slice Selection Attack in 5G and Beyond
Vipin N Sathi ... C Siva Ram Murthy
ACM Transactions on Privacy and Security | VOL. -
Vipin N Sathi, et. al.Vipin N Sathi ... C Siva Ram Murthy
03 Aug 2024
VeriBin: A Malware Authorship Verification Approach for APT Tracking through Explainable and Functionality-Debiasing Adversarial Representation Learning
Weihan Ou ... Sarah Labrosse
ACM Transactions on Privacy and Security | VOL. -
Weihan Ou, et. al.Weihan Ou ... Sarah Labrosse
20 Jul 2024
CBAs: Character-level Backdoor Attacks against Chinese Pre-trained Language Models
Xinyu He ... Liang Chang
ACM Transactions on Privacy and Security | VOL. -
Xinyu He, et. al.Xinyu He ... Liang Chang
12 Jul 2024
PEBASI: A Privacy preserving, Efficient Biometric Authentication Scheme based on Irises
Hasini Gunasinghe ... Elisa Bertino
ACM Transactions on Privacy and Security | VOL. -
Hasini Gunasinghe, et. al.Hasini Gunasinghe ... Elisa Bertino
11 Jul 2024
View more papers