Abstract
Vulnerabilities are security flaws in software and network systems that criminal hackers can exploit to gain an asymmetric advantage. Cyber-Security Operations Centers must routinely triage and patch vulnerabilities in their system(s) to minimize external exposure to attackers. The personnel resources required to address vulnerability remediation tasks are limited and constrained, thus motivating the need for optimization approaches to improve the efficiency of the vulnerability selection process. This paper investigates two different approaches to vulnerability selection for mitigation through (a) Individual Attribute Value Optimization and (b) Multiple Attribute Value Optimization. The former approach presents a methodology that optimizes the selection of vulnerabilities for mitigation with respect to an individual attribute, while the latter approach considers multiple attributes in the vulnerability selection decision-making. Real scan data from a Cyber-Security Operations Center are used to compare the results between the two mathematical approaches. Furthermore, comparisons are made with the results obtained from (a) the actual (baseline) Cyber-Security Operations Center performance, and (b) a vulnerability prioritization algorithm called VULCON that appeared in recent literature.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
