Normalization Framework for Vulnerability Risk Management in Cloud
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science. ORCID iD: 0000-0002-0128-4127
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science. ORCID iD: 0000-0003-4494-9851
Blekinge Institute of Technology, Faculty of Computing, Department of Computer Science. ORCID iD: 0000-0002-3118-5058
2021 (English)
In: Proceedings - 2021 International Conference on Future Internet of Things and Cloud, FiCloud 2021, IEEE, 2021, p. 99-106
Conference paper, Published paper (Refereed)
Abstract [en]

Vulnerability Risk Management (VRM) is a critical element in cloud security that directly impacts cloud providers' security assurance levels. Today, VRM is a challenging process because of the dramatic increase in known vulnerabilities (+26% in the last five years) and because it increasingly depends on the organization's context. Moreover, a vulnerability's severity score depends on which Vulnerability Database (VD) is selected as the reference in VRM. All these factors introduce a new challenge for security specialists in evaluating and patching vulnerabilities. This study provides a framework to improve the classification and evaluation phases of vulnerability risk management while using multiple vulnerability databases as a reference. Our solution normalizes the severity score of each vulnerability based on the selected security assurance level. The results of our study highlight the role of the vulnerability databases in patch prioritization, showing the advantage of using multiple VDs.

Place, publisher, year, edition, pages
IEEE, 2021. p. 99-106
Keywords [en]
Risk Assessment, Vulnerability, Cloud security
National Category
Computer Systems
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:bth-22100
DOI: 10.1109/FiCloud49777.2021.00022
Scopus ID: 2-s2.0-85115338714
OAI: oai:DiVA.org:bth-22100
DiVA id: diva2:1590543
Conference
8th International Conference on Future Internet of Things and Cloud, FiCloud 2021, Virtual, Online, 23 August through 25 August 2021
Available from: 2021-09-02
Created: 2021-09-02
Last updated: 2023-06-07
Bibliographically approved
In thesis
1. Towards Automated Context-aware Vulnerability Risk Management
2023 (English)
Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The information security landscape continually evolves with an increasing number of publicly known vulnerabilities (e.g., 25064 new vulnerabilities in 2022). Vulnerabilities play a prominent role in all types of security-related attacks, including ransomware and data breaches. Vulnerability Risk Management (VRM) is an essential cyber defense mechanism to eliminate or reduce attack surfaces in information technology. VRM is a continuous procedure of identification, classification, evaluation, and remediation of vulnerabilities. The traditional VRM procedure is time-consuming, as classification, evaluation, and remediation require skills and knowledge of specific computer systems, software, networks, and security policies. Activities requiring human input slow down the VRM process, increasing the risk that a vulnerability is exploited.

The thesis introduces the Automated Context-aware Vulnerability Risk Management (ACVRM) methodology to improve VRM procedures by automating the entire VRM cycle and reducing both the procedure time and the need for expert intervention. ACVRM focuses on the challenging stages of VRM (i.e., classification, evaluation, and remediation) to support security experts in promptly prioritizing and patching vulnerabilities.

The ACVRM concept is designed and implemented in a test environment as a proof of concept. The efficiency of patch prioritization by ACVRM is compared against a commercial vulnerability management tool (i.e., Rudder). ACVRM prioritizes vulnerabilities based on the patch score (i.e., the numeric representation of the vulnerability characteristics and the risk), historical data, and dependencies. The experiments indicate that ACVRM can rank the vulnerabilities in the organization's context by weighting the criteria used in the patch score calculation. Automated patch deployment is implemented with three use cases to investigate the impact of learning from historical events and dependencies on the patch success rate and on human intervention. Our findings show that ACVRM reduced the need for human actions, increased the ratio of successfully patched vulnerabilities, and decreased the cycle time of the VRM process.

Place, publisher, year, edition, pages
Karlskrona: Blekinge Tekniska Högskola, 2023. p. 136
Series
Blekinge Institute of Technology Doctoral Dissertation Series, ISSN 1653-2090 ; 2023:07
Keywords
Vulnerability Risk Management, VRM, Automated Context-Aware Vulnerability Risk Management, ACVRM, Information security
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:bth-24468
ISBN: 978-91-7295-459-5
Public defence
2023-06-15, J1630 + Zoom, CAMPUS GRASVIK, KARLSKRONA, 13:00 (English)
Note

In reference to IEEE copyrighted material which is used with permission in this thesis, the IEEE does not endorse any of BTH's products or services. Internal or personal use of this material is permitted. If interested in reprinting/republishing IEEE copyrighted material for advertising or promotional purposes or for creating new collective works for resale or redistribution, please go to http://www.ieee.org/publications_standards/publications/rights/rights_link.html to learn how to obtain a License from RightsLink. If applicable, University Microfilms and/or ProQuest Library, or the Archives of Canada may supply single copies of the dissertation.

Available from: 2023-04-25
Created: 2023-04-24
Last updated: 2023-09-19
Bibliographically approved

Open Access in DiVA

fulltext (367 kB), 870 downloads
File information
File name: FULLTEXT01.pdf
File size: 367 kB
Checksum (SHA-512): 25b2cb501d485ef63f25caa00399ace706f02792f75393e6118fe2c5cf1e6d9edc993b06523853ccb6d74c98b9ee3a742557f9b035092baab8b34529c651feb5
Type: fulltext
Mimetype: application/pdf

Other links

Publisher's full text
Scopus

Authority records

Ahmadi Mehri, Vida; Arlos, Patrik; Casalicchio, Emiliano
