2020 IEEE Conference on Communications and Network Security (CNS) 2020
DOI: 10.1109/cns48642.2020.9162309
|View full text |Cite
|
Sign up to set email alerts
|

A Machine Learning-based Approach for Automated Vulnerability Remediation Analysis

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2

Citation Types

0
3
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
4
2
1

Relationship

0
7

Authors

Journals

citations
Cited by 16 publications
(4 citation statements)
references
References 17 publications
0
3
0
Order By: Relevance
“…Some studies [14]- [19] have reported the need for human expertise in PM due to the increased complexity of security patching and the limitations of the current technologies to provide solutions covering the entire process. However, the authors in [14], [18], [20]- [23] highlighted the significant gap in the required skills and knowledge expertise in PM.…”
Section: Background and Related Workmentioning
confidence: 99%
“…Some studies [14]- [19] have reported the need for human expertise in PM due to the increased complexity of security patching and the limitations of the current technologies to provide solutions covering the entire process. However, the authors in [14], [18], [20]- [23] highlighted the significant gap in the required skills and knowledge expertise in PM.…”
Section: Background and Related Workmentioning
confidence: 99%
“…Many studies have applied machine-learning-based solutions to predict remediation decisions and classify the type of vulnerability in different domains such as power grid and software development. For example, authors in [20] built their decision tree based on data of the asset and vulnerability features for a power grid and reached 97% accuracy. However, their solution is domain-specific and requires manual verification on the small prediction portion to reduce false negatives.…”
Section: Related Workmentioning
confidence: 99%
“…The authors note that evaluation dynamics depend on the time metrics CVSS [2], as well as on the likelihood of vulnerability exploitation. In work [7], the authors developed a vulnerability analysis system based on machine learning (decision tree) in order to prioritize the release of patches. The inputs to the model are CVSS metrics and assets characteristics based on the CVSS baseline metrics.…”
Section: Literature Review and Problem Statementmentioning
confidence: 99%
“…Studies [4][5][6][7], when solving the problem of prioritizing vulnerabilities, highlight the existence and possibility of exploitation as the main characteristic for increasing the threat where X i is the set of strategic vulnerability characteristics that do not depend on the target computer system and can be obtained through publicly accessible databases:…”
Section: Literature Review and Problem Statementmentioning
confidence: 99%