Towards Automated Assessment of Vulnerability Exposures in Security Operations
| Autor: | Qinghua Li, Philip Dale Huff |
|---|---|
| Rok vydání: | 2021 |
| Předmět: |
Risk analysis
Exploit Computer science business.industry Context (language use) Asset (computer security) Computer security computer.software_genre Pipeline (software) ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS Firewall (construction) Software business computer Vulnerability (computing) |
| Zdroj: | Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ISBN: 9783030900182 SecureComm (1) |
| Popis: | Current approaches for risk analysis of software vulnerabilities using manual assessment and numeric scoring do not complete fast enough to keep pace with the maintenance work rate to patch and mitigate the vulnerabilities. This paper proposes a new approach to modeling software vulnerability risk in the context of the network environment and firewall configuration. In the approach, vulnerability features are automatically matched up with networking, target asset, and adversary features to determine whether adversaries can exploit a vulnerability. The ability of adversaries to reach a vulnerability is modeled by automatically identifying the network services associated with vulnerabilities through a pipeline of machine learning and natural language processing and automatically analyzing network reachability. Our results show that the pipeline can identify network services accurately. We also find that only a small number of vulnerabilities pose real risks to a system. However, if left unmitigated, adversarial reach to vulnerabilities may extend to nullify the effect of firewall countermeasures. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|