Share Email Print
cover

Proceedings Paper

Vulnerability survival analysis: a novel approach to vulnerability management
Author(s): Katheryn A. Farris; John Sullivan; George Cybenko
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

Computer security vulnerabilities span across large, enterprise networks and have to be mitigated by security engineers on a routine basis. Presently, security engineers will assess their “risk posture” through quantifying the number of vulnerabilities with a high Common Vulnerability Severity Score (CVSS). Yet, little to no attention is given to the length of time by which vulnerabilities persist and survive on the network. In this paper, we review a novel approach to quantifying the length of time a vulnerability persists on the network, its time-to-death, and predictors of lower vulnerability survival rates. Our contribution is unique in that we apply the cox proportional hazards regression model to real data from an operational IT environment. This paper provides a mathematical overview of the theory behind survival analysis methods, a description of our vulnerability data, and an interpretation of the results.

Paper Details

Date Published: 5 May 2017
PDF: 14 pages
Proc. SPIE 10184, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security, Defense, and Law Enforcement Applications XVI, 101840H (5 May 2017); doi: 10.1117/12.2266378
Show Author Affiliations
Katheryn A. Farris, Thayer School of Engineering at Dartmouth (United States)
John Sullivan, Thayer School of Engineering at Dartmouth (United States)
George Cybenko, Thayer School of Engineering at Dartmouth (United States)


Published in SPIE Proceedings Vol. 10184:
Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security, Defense, and Law Enforcement Applications XVI
Edward M. Carapezza, Editor(s)

© SPIE. Terms of Use
Back to Top
PREMIUM CONTENT
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?
close_icon_gray