Sciweavers

ICC
2007
IEEE

SecureRank: A Risk-Based Vulnerability Management Scheme for Computing Infrastructures

In this paper, we introduce a new scheme called SecureRank for prioritizing vulnerabilities to patch in computing systems/networks. This has become a key issue for IT infrastructures, as large numbers of vulnerabilities are continuously announced and IT administrators devote increasingly more resources to managing them. SecureRank prioritizes vulnerabilities and network nodes to patch based on the percentage of time a random attacker would spend trying to exploit them. Going beyond state-of-the-art approaches, SecureRank takes into account the network topology and potential node interactions in calculating their relative risk and priority. We define two metrics for the security of a network and use them to show how SecureRank outperforms key industry benchmarks in certain natural operational settings. We believe that these findings can be used as a starting point in exploring what defense strategies make sense given topology and attack strategy.
Reiko Ann Miura-Ko, Nicholas Bambos
Added: 02 Jun 2010
Updated: 02 Jun 2010
Type: Conference
Year: 2007
Where: ICC
Authors: Reiko Ann Miura-Ko, Nicholas Bambos