Vulnerability Management Chaining: An Integrated Framework for Efficient Cybersecurity Risk Prioritization

• URL: http://arxiv.org/abs/2506.01220v3
• Date: Thu, 10 Jul 2025 15:13:08 GMT
• Title: Vulnerability Management Chaining: An Integrated Framework for Efficient Cybersecurity Risk Prioritization
• Authors: Naoyuki Shimizu, Masaki Hashimoto,
• Abstract summary: We present Vulnerability Management Chaining, a decision tree framework to achieve efficient vulnerability prioritization.<n>Our framework employs a two-stage evaluation process: first applying threat-based filtering using KEV membership or EPSS threshold $geq$ 0.088, then applying vulnerability severity assessment using CVSS scores $geq$ 7.0) to enable informed deprioritization.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: As the number of Common Vulnerabilities and Exposures (CVE) continues to grow exponentially, security teams face increasingly difficult decisions about prioritization. Current approaches using Common Vulnerability Scoring System (CVSS) scores produce overwhelming volumes of high-priority vulnerabilities, while Exploit Prediction Scoring System (EPSS) and Known Exploited Vulnerabilities (KEV) catalog offer valuable but incomplete perspectives on actual exploitation risk. We present Vulnerability Management Chaining, a decision tree framework that systematically integrates these three approaches to achieve efficient vulnerability prioritization. Our framework employs a two-stage evaluation process: first applying threat-based filtering using KEV membership or EPSS threshold $\geq$ 0.088), then applying vulnerability severity assessment using CVSS scores $\geq$ 7.0) to enable informed deprioritization. Experimental validation using 28,377 real-world vulnerabilities and vendor-reported exploitation data demonstrates 18-fold efficiency improvements while maintaining 85.6\% coverage. Organizations can reduce urgent remediation workload by approximately 95\%. The integration identifies 48 additional exploited vulnerabilities that neither KEV nor EPSS captures individually. Our framework uses exclusively open-source data, enabling immediate adoption regardless of organizational resources.

Related papers

• WebGuard: Building a Generalizable Guardrail for Web Agents [59.31116061613742]
  WebGuard is the first dataset designed to support the assessment of web agent action risks.<n>It contains 4,939 human-annotated actions from 193 websites across 22 diverse domains.
  arXiv  Detail & Related papers  (2025-07-18T18:06:27Z)
• VLAI: A RoBERTa-Based Model for Automated Vulnerability Severity Classification [49.1574468325115]
  Built on RoBERTa, VLAI is fine-tuned on over 600,000 real-world vulnerabilities.<n>The model and dataset are open-source and integrated into the Vulnerability-Lookup service.
  arXiv  Detail & Related papers  (2025-07-04T14:28:14Z)
• PoCGen: Generating Proof-of-Concept Exploits for Vulnerabilities in Npm Packages [16.130469984234956]
  PoCGen is a novel approach to autonomously generate and validate PoC exploits for vulnerabilities in npm packages.<n>This is the first fully autonomous approach to use large language models (LLMs) in tandem with static and dynamic analysis techniques for PoC exploit generation.
  arXiv  Detail & Related papers  (2025-06-05T12:37:33Z)
• CyberGym: Evaluating AI Agents' Cybersecurity Capabilities with Real-World Vulnerabilities at Scale [46.76144797837242]
  Large language model (LLM) agents are becoming increasingly skilled at handling cybersecurity tasks autonomously.<n>Existing benchmarks fall short, often failing to capture real-world scenarios or being limited in scope.<n>We introduce CyberGym, a large-scale and high-quality cybersecurity evaluation framework featuring 1,507 real-world vulnerabilities.
  arXiv  Detail & Related papers  (2025-06-03T07:35:14Z)
• BadVLA: Towards Backdoor Attacks on Vision-Language-Action Models via Objective-Decoupled Optimization [45.97834622654751]
  BadVLA is a backdoor attack method based on Objective-Decoupled Optimization.<n>We show that BadVLA consistently achieves near-100% attack success rates with minimal impact on clean task accuracy.<n>Our work offers the first systematic investigation of backdoor vulnerabilities in VLA models.
  arXiv  Detail & Related papers  (2025-05-22T13:12:46Z)
• CVE-LLM : Ontology-Assisted Automatic Vulnerability Evaluation Using Large Language Models [5.4164548928725065]
  National Database (NVD) publishes over a thousand new vulnerabilities monthly, with a projected 25 percent increase in 2024.<n>We propose using large language models (LLMs) to learn vulnerability evaluation from historical assessments of medical device vulnerabilities in a single manufacturer's portfolio.
  arXiv  Detail & Related papers  (2025-02-21T20:59:15Z)
• SoK: Understanding Vulnerabilities in the Large Language Model Supply Chain [8.581429744090316]
  This study systematically analyzes 529 vulnerabilities reported across 75 prominent projects spanning 13 lifecycle stages.<n>The findings show that vulnerabilities are concentrated in the application (50.3%) and model (42.7%) layers.<n>While 56.7% of the vulnerabilities have available fixes, 8% of these patches are ineffective, resulting in recurring vulnerabilities.
  arXiv  Detail & Related papers  (2025-02-18T03:22:38Z)
• A Relevance Model for Threat-Centric Ranking of Cybersecurity Vulnerabilities [0.29998889086656577]
  The relentless process of tracking and remediating vulnerabilities is a top concern for cybersecurity professionals. We provide a framework for vulnerability management specifically focused on mitigating threats using adversary criteria derived from MITRE ATT&CK. Our results show an average 71.5% - 91.3% improvement towards the identification of vulnerabilities likely to be targeted and exploited by cyber threat actors.
  arXiv  Detail & Related papers  (2024-06-09T23:29:12Z)
• Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective [53.24281798458074]
  Face Recognition Systems (FRS) have increasingly integrated into critical applications, including surveillance and user authentication. Recent studies have revealed vulnerabilities in FRS to adversarial (e.g., adversarial patch attacks) and backdoor attacks (e.g., training data poisoning)
  arXiv  Detail & Related papers  (2024-05-21T13:34:23Z)
• SecScore: Enhancing the CVSS Threat Metric Group with Empirical Evidences [0.0]
  One of the most widely used vulnerability scoring systems (CVSS) does not address the increasing likelihood of emerging an exploit code. We present SecScore, an innovative vulnerability severity score that enhances CVSS Threat metric group.
  arXiv  Detail & Related papers  (2024-05-14T12:25:55Z)
• FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
  FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks. We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness. Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
  arXiv  Detail & Related papers  (2024-03-26T08:51:23Z)
• A Zero Trust Framework for Realization and Defense Against Generative AI Attacks in Power Grid [62.91192307098067]
  This paper proposes a novel zero trust framework for a power grid supply chain (PGSC) It facilitates early detection of potential GenAI-driven attack vectors, assessment of tail risk-based stability measures, and mitigation of such threats. Experimental results show that the proposed zero trust framework achieves an accuracy of 95.7% on attack vector generation, a risk measure of 9.61% for a 95% stable PGSC, and a 99% confidence in defense against GenAI-driven attack.
  arXiv  Detail & Related papers  (2024-03-11T02:47:21Z)
• Unveiling Hidden Links Between Unseen Security Entities [3.7138962865789353]
  VulnScopper is an innovative approach that utilizes multi-modal representation learning, combining Knowledge Graphs (KG) and Natural Processing (NLP) We evaluate VulnScopper on two major security datasets, the National Vulnerability Database (NVD) and the Red Hat CVE database. Our results show that VulnScopper outperforms existing methods, achieving up to 78% Hits@10 accuracy in linking CVEs to Common Vulnerabilities and Exposures (CWEs), and Common Platform Languageions (CPEs)
  arXiv  Detail & Related papers  (2024-03-04T13:14:39Z)
• G$^2$uardFL: Safeguarding Federated Learning Against Backdoor Attacks through Attributed Client Graph Clustering [116.4277292854053]
  Federated Learning (FL) offers collaborative model training without data sharing. FL is vulnerable to backdoor attacks, where poisoned model weights lead to compromised system integrity. We present G$2$uardFL, a protective framework that reinterprets the identification of malicious clients as an attributed graph clustering problem.
  arXiv  Detail & Related papers  (2023-06-08T07:15:04Z)
• Free Lunch for Generating Effective Outlier Supervision [46.37464572099351]
  We propose an ultra-effective method to generate near-realistic outlier supervision. Our proposed textttBayesAug significantly reduces the false positive rate over 12.50% compared with the previous schemes.
  arXiv  Detail & Related papers  (2023-01-17T01:46:45Z)
• Vulnerability Prioritization: An Offensive Security Approach [1.6911982356562938]
  We propose a new way of prioritizing vulnerabilities. Our approach is inspired by how offensive security practitioners perform penetration testing. We evaluate our approach with a real world case study for a large client, and the accuracy of machine learning to automate the process end to end.
  arXiv  Detail & Related papers  (2022-06-22T15:43:41Z)
• Certifiers Make Neural Networks Vulnerable to Availability Attacks [70.69104148250614]
  We show for the first time that fallback strategies can be deliberately triggered by an adversary. In addition to naturally occurring abstains for some inputs and perturbations, the adversary can use training-time attacks to deliberately trigger the fallback. We design two novel availability attacks, which show the practical relevance of these threats.
  arXiv  Detail & Related papers  (2021-08-25T15:49:10Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.