• DocumentCode
    1943543
  • Title

    Analysing the Performance of Security Solutions to Reduce Vulnerability Exposure Window

  • Author

    Beres, Yolanta ; Griffin, Jonathan ; Shiu, Simon ; Heitman, Max ; Markle, David ; Ventura, Peter

  • fYear
    2008
  • fDate
    8-12 Dec. 2008
  • Firstpage
    33
  • Lastpage
    42
  • Abstract
    In this paper we present a novel approach of using mathematical models and stochastic simulations to guide and inform security investment and policy change decisions. In particular, we investigate vulnerability management policies, and explore how effective standard patch management and emergency escalation based policies are, and how they can be combined with earlier, pre-patch mitigation measures to reduce the potential exposure window. The paper describes the model we constructed to represent typical vulnerability management processes in large organizations, which captures the external threat environment and the internal security processes and decision points. We also present the results from the experimental simulations, and show how changes in security solutions and policies, such as speeding up patch deployment and investing in early mitigation measures, affect the overall exposure window in terms of the time it takes to reduce the potential risk. We believe that this type of mathematical modelling and simulation-based approach provides a novel and useful way of considering security investment decisions, which is quite distinct from traditional risk analysis.
  • Keywords
    mathematical analysis; risk analysis; security; stochastic processes; emergency escalation; mathematical models; patch management; policy change decisions; risk analysis; security investment; security solutions; stochastic simulations; vulnerability exposure window; vulnerability management policies; Disaster management; Environmental management; Investments; Mathematical model; Measurement standards; Particle measurements; Performance analysis; Security; Stochastic processes; Velocity measurement; modeling; risk analysis; security investment; simulation; vulnerability and threat management;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 2008. ACSAC 2008. Annual
  • Conference_Location
    Anaheim, CA
  • ISSN
    1063-9527
  • Print_ISBN
    978-0-7695-3447-3
  • Type

    conf

  • DOI
    10.1109/ACSAC.2008.42
  • Filename
    4721542