Prioritizing vulnerability patches in large networks

Authors:

Highlights:

• Ranking vulnerability fixes based on the machine position within large networks.

• A metric for computing vulnerability importance based on automated planning.

• A user interface for displaying vulnerability information to security experts.

• Experiments on real networks of large organizations.

• Expert study with security practitioners in large organizations.

Keywords: Knowledge presentation, Decision support systems, Attack graph, Visualization, Security applications, Expert study

Review history: Received 10 January 2021, Revised 17 December 2021, Accepted 24 December 2021, Available online 12 January 2022, Version of Record 20 January 2022.

Paper URL: https://doi.org/10.1016/j.eswa.2021.116467