Attack potential in impact and complexity

L. Allodi, F. Massacci

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer review

1 Citation (Scopus)

Abstract

Vulnerability exploitation is reportedly one of the main attack vectors against computer systems. Yet, most vulnerabilities remain unexploited by attackers. It is therefore of central importance to identify vulnerabilities that carry a high 'potential for attack'. In this paper we rely on Symantec data on real attacks detected in the wild to identify a trade-off between the Impact and the Complexity of a vulnerability, in terms of the attacks it generates; exploiting this effect, we devise a readily computable estimator of the vulnerability's Attack Potential that reliably estimates the expected volume of attacks against the vulnerability. We evaluate our estimator's performance against standard patching policies by measuring foiled attacks and the required workload, expressed as the number of vulnerabilities that must be patched. We show that our estimator significantly improves over standard patching policies by ruling out low-risk vulnerabilities while maintaining the same level of coverage against attacks in the wild. Our estimator can be used as a first aid for vulnerability prioritisation, focusing assessment efforts on high-potential vulnerabilities.

Original language: English
Title: International Conference on Availability, Reliability and Security, ARES 2017, 29 August - 1 September 2017, Reggio Calabria, Italy
Place of publication: New York
Publisher: Association for Computing Machinery, Inc
Electronic ISBN: 9781450352574
Print ISBN: 978-1-4503-5257-4
Status: Published - 29 Aug 2017
Event: International Conference on Availability, Reliability and Security, ARES 2017, 29 August - 1 September 2017 - Reggio Calabria, Italy
Duration: 29 Aug 2017 - 1 Sep 2017
https://www.ares-conference.eu

Conference

Conference: International Conference on Availability, Reliability and Security, ARES 2017, 29 August - 1 September 2017
Short title: ARES2017
Country/Region: Italy
City: Reggio Calabria
Period: 29/08/17 - 1/09/17
