SecureRank: A Risk-Based Vulnerability Management Scheme for Computing Infrastructures

2 Author(s)
Miura-Ko, R.A. ; Stanford Univ., Stanford ; Bambos, N.

In this paper, we introduce a new scheme called SecureRank for prioritizing vulnerabilities to patch in computing systems/networks. This has become a key issue for IT infrastructures, as large numbers of vulnerabilities are continuously announced and IT administrators devote increasingly more resources to managing them. SecureRank prioritizes vulnerabilities and network nodes to patch based on the percentage of time a random attacker would spend trying to exploit them. Going beyond state-of-the-art approaches, SecureRank takes into account the network topology and potential node interactions in calculating their relative risk and priority. We define two metrics for the security of a network and use them to show how SecureRank outperforms key industry benchmarks in certain natural operational settings. We believe that these findings can be used as a starting point in exploring what defense strategies make sense given topology and attack strategy.

Published in:

Communications, 2007. ICC '07. IEEE International Conference on

Date of Conference:

24-28 June 2007