PKG-VUL: Security Vulnerability Evaluation and Patch Framework for Package-Based Systems

Lee, Jong‐Hyouk; Sohn, Sung Won; Chang, Byeng Hee; Chung, Tai-Myoung

doi:10.4218/etrij.09.0108.0578

Cited by 10 publications

(6 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lee et al (2009) proposed a security vulnerability evaluation and patch framework, which enables evaluation of computer program installed on host to detect known vulnerabilities. After evaluation, the vulnerable computer program is patched with the latest patch code.…”

Section: Introductionmentioning

confidence: 99%

Mutual information-based feature selection for intrusion detection systems

Amiri

Yousefi

Lucas

et al. 2011

Journal of Network and Computer Applications

393

170

View full text Add to dashboard Cite

Section: Introductionmentioning

confidence: 99%

Mutual information-based feature selection for intrusion detection systems

Amiri

Yousefi

Lucas

et al. 2011

Journal of Network and Computer Applications

393

170

View full text Add to dashboard Cite

“…Finding a suitable criteria for evaluating vulnerabilities is a challenge, as demonstrated by the multiple research studies on this subject [18,23,24,[29][30][31][32][33][34][35][36][37][38]. As we mentioned earlier in Section 1, the evaluation stage depends on expert and organizational knowledge.…”

Section: Evaluation Criteria and Patch Scorementioning

confidence: 99%

Automated Context-Aware Vulnerability Risk Management for Patch Prioritization

2022

View full text Add to dashboard Cite

The information-security landscape continuously evolves by discovering new vulnerabilities daily and sophisticated exploit tools. Vulnerability risk management (VRM) is the most crucial cyber defense to eliminate attack surfaces in IT environments. VRM is a cyclical practice of identifying, classifying, evaluating, and remediating vulnerabilities. The evaluation stage of VRM is neither automated nor cost-effective, as it demands great manual administrative efforts to prioritize the patch. Therefore, there is an urgent need to improve the VRM procedure by automating the entire VRM cycle in the context of a given organization. The authors propose automated context-aware VRM (ACVRM), to address the above challenges. This study defines the criteria to consider in the evaluation stage of ACVRM to prioritize the patching. Moreover, patch prioritization is customized in an organization’s context by allowing the organization to select the vulnerability management mode and weigh the selected criteria. Specifically, this study considers four vulnerability evaluation cases: (i) evaluation criteria are weighted homogeneously; (ii) attack complexity and availability are not considered important criteria; (iii) the security score is the only important criteria considered; and (iv) criteria are weighted based on the organization’s risk appetite. The result verifies the proposed solution’s efficiency compared with the Rudder vulnerability management tool (CVE-plugin). While Rudder produces a ranking independent from the scenario, ACVRM can sort vulnerabilities according to the organization’s criteria and context. Moreover, while Rudder randomly sorts vulnerabilities with the same patch score, ACVRM sorts them according to their age, giving a higher security score to older publicly known vulnerabilities.

show abstract

“…Same as previous approach the proposed mechanism was depends on the training data and consequently the set of independent variables (attributes) that enters the analysis is also an issue. A new feature selection based approach for reducing the delay proposed by author in [19]. The approach use expectation maximization to calculate the attribute value of the missing data.…”

Section: Related Workmentioning

confidence: 99%

Efficient Technique for Boosting Attack Detection Rate over a Host or Network System

Sharma¹,

Soni²,

Pradhan³

2016

IJCA

View full text Add to dashboard Cite

In recent years, with the growth of network technologies and its sizes the ratio of attacks has also increases. An attack is an event which has been designed with the aim to bypass the security parameters such as confidentiality, integrity, and/or availability of a standalone computer system or a network. Sometime attacks may cause of heavy loss for an individual, or an organization. To reduce an effect of attacks, it is good to detects at an early stage as it entered in a system or network. However, since the age of computer network number of researchers and industry communities has proposed a variety of exclusive attack detection algorithms in order to prevent information from such threats but each approach has its own problem in their performance. On the other hand most of the accessible techniques use signature base algorithm, detect only previously identified attack types, fails to detect the new attacks and produce huge false alarms so not be suitable for high pace networks. These issues severely restrict the utility of deterrence system. This paper has considered such issues and proposed a novel attack detection technique which generates low false alarms with enhancing the attack detection rate of known as well as anomaly attacks over the network.

show abstract

PKG-VUL: Security Vulnerability Evaluation and Patch Framework for Package-Based Systems

Cited by 10 publications

References 6 publications

Mutual information-based feature selection for intrusion detection systems

Mutual information-based feature selection for intrusion detection systems

Automated Context-Aware Vulnerability Risk Management for Patch Prioritization

Efficient Technique for Boosting Attack Detection Rate over a Host or Network System

Contact Info

Product

Resources

About