Related papers: Perspectives on risk prioritization of data center vulnerabilities using rank aggregation and multi-objective optimization

Perspectives on risk prioritization of data center vulnerabilities using rank aggregation and multi-objective optimization

URL: http://arxiv.org/abs/2202.07466v1
Date: Sat, 12 Feb 2022 11:10:22 GMT
Title: Perspectives on risk prioritization of data center vulnerabilities using rank aggregation and multi-objective optimization
Authors: Bruno Grisci, Gabriela Kuhn, Felipe Colombelli, V\'itor Matter, Leomar Lima, Karine Heinen, Mauricio Pegoraro, Marcio Borges, Sandro Rigo, Jorge Barbosa, Rodrigo da Rosa Righi, Cristiano Andr\'e da Costa, Gabriel de Oliveira Ramos
Abstract summary: Review intends to present a survey of vulnerability ranking techniques and promote a discussion on how multi-objective optimization could benefit the management of vulnerabilities risk prioritization. The main contribution of this work is to point out multi-objective optimization as a not commonly explored but promising strategy to prioritize vulnerabilities, enabling better time management and increasing security.
Score: 4.675433981885177
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Nowadays, data has become an invaluable asset to entities and companies, and keeping it secure represents a major challenge. Data centers are responsible for storing data provided by software applications. Nevertheless, the number of vulnerabilities has been increasing every day. Managing such vulnerabilities is essential for building a reliable and secure network environment. Releasing patches to fix security flaws in software is a common practice to handle these vulnerabilities. However, prioritization becomes crucial for organizations with an increasing number of vulnerabilities since time and resources to fix them are usually limited. This review intends to present a survey of vulnerability ranking techniques and promote a discussion on how multi-objective optimization could benefit the management of vulnerabilities risk prioritization. The state-of-the-art approaches for risk prioritization were reviewed, intending to develop an effective model for ranking vulnerabilities in data centers. The main contribution of this work is to point out multi-objective optimization as a not commonly explored but promising strategy to prioritize vulnerabilities, enabling better time management and increasing security.

Related papers

Agent-Driven Automatic Software Improvement [55.2480439325792]
This research proposal aims to explore innovative solutions by focusing on the deployment of agents powered by Large Language Models (LLMs) The iterative nature of agents, which allows for continuous learning and adaptation, can help surpass common challenges in code generation. We aim to use the iterative feedback in these systems to further fine-tune the LLMs underlying the agents, becoming better aligned to the task of automated software improvement.
arXiv Detail & Related papers (2024-06-24T15:45:22Z)
VulZoo: A Comprehensive Vulnerability Intelligence Dataset [12.229092589037808]
VulZoo is a comprehensive vulnerability intelligence dataset that covers 17 popular vulnerability information sources. We make VulZoo publicly available and maintain it with incremental updates to facilitate future research.
arXiv Detail & Related papers (2024-06-24T06:39:07Z)
A Relevance Model for Threat-Centric Ranking of Cybersecurity Vulnerabilities [0.29998889086656577]
The relentless process of tracking and remediating vulnerabilities is a top concern for cybersecurity professionals. We provide a framework for vulnerability management specifically focused on mitigating threats using adversary criteria derived from MITRE ATT&CK. Our results show an average 71.5% - 91.3% improvement towards the identification of vulnerabilities likely to be targeted and exploited by cyber threat actors.
arXiv Detail & Related papers (2024-06-09T23:29:12Z)
SecScore: Enhancing the CVSS Threat Metric Group with Empirical Evidences [0.0]
One of the most widely used vulnerability scoring systems (CVSS) does not address the increasing likelihood of emerging an exploit code. We present SecScore, an innovative vulnerability severity score that enhances CVSS Threat metric group.
arXiv Detail & Related papers (2024-05-14T12:25:55Z)
RigorLLM: Resilient Guardrails for Large Language Models against Undesired Content [62.685566387625975]
Current mitigation strategies, while effective, are not resilient under adversarial attacks. This paper introduces Resilient Guardrails for Large Language Models (RigorLLM), a novel framework designed to efficiently moderate harmful and unsafe inputs.
arXiv Detail & Related papers (2024-03-19T07:25:02Z)
Meta-Learning Priors for Safe Bayesian Optimization [72.8349503901712]
We build on a meta-learning algorithm, F-PACOH, capable of providing reliable uncertainty quantification in settings of data scarcity. As core contribution, we develop a novel framework for choosing safety-compliant priors in a data-riven manner. On benchmark functions and a high-precision motion system, we demonstrate that our meta-learned priors accelerate the convergence of safe BO approaches.
arXiv Detail & Related papers (2022-10-03T08:38:38Z)
Deep VULMAN: A Deep Reinforcement Learning-Enabled Cyber Vulnerability Management Framework [4.685954926214926]
Cyber vulnerability management is a critical function of a cybersecurity operations center (CSOC) that helps protect organizations against cyber-attacks on their computer and network systems. The current approaches are deterministic and one-time decision-making methods, which do not consider future uncertainties when prioritizing and selecting vulnerabilities for mitigation. We propose a novel framework, Deep VULMAN, consisting of a deep reinforcement learning agent and an integer programming method to fill this gap in the cyber vulnerability management process.
arXiv Detail & Related papers (2022-08-03T22:32:48Z)
Towards an Improved Understanding of Software Vulnerability Assessment Using Data-Driven Approaches [0.0]
The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment. The key contributions include a systematisation of knowledge, along with a suite of novel data-driven techniques.
arXiv Detail & Related papers (2022-07-24T10:22:28Z)
VELVET: a noVel Ensemble Learning approach to automatically locate VulnErable sTatements [62.93814803258067]
This paper presents VELVET, a novel ensemble learning approach to locate vulnerable statements in source code. Our model combines graph-based and sequence-based neural networks to successfully capture the local and global context of a program graph. VELVET achieves 99.6% and 43.6% top-1 accuracy over synthetic data and real-world data, respectively.
arXiv Detail & Related papers (2021-12-20T22:45:27Z)
Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses [150.64470864162556]
This work systematically categorizes and discusses a wide range of dataset vulnerabilities and exploits. In addition to describing various poisoning and backdoor threat models and the relationships among them, we develop their unified taxonomy.
arXiv Detail & Related papers (2020-12-18T22:38:47Z)
Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.