Ranking vulnerability fixes using planning graph analysis

Tom Gonda; Guy Shani; Rami Puzis; Bracha Shapira

Ranking vulnerability fixes using planning graph analysis

Tom Gonda, Guy Shani, Rami Puzis, Bracha Shapira

Department of Software and Information Systems Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

During the past years logical attack graphs were used to find the most critical vulnerabilities and devise efficient hardening strategies for organizational networks. Most techniques for ranking vulnerabilities either do not scale well, eg brute-force attack plan enumeration, or are not well suited for the analysis of logical attack graphs, eg centrality measures.

Original language	English
Title of host publication	IWAISe: First International Workshop on Artificial Intelligence in Security
Volume	41
State	Published - 2017

Cite this

@inproceedings{3c49679e2f2348b1b68ca7dd9b8f4c13,

title = "Ranking vulnerability fixes using planning graph analysis",

abstract = "During the past years logical attack graphs were used to find the most critical vulnerabilities and devise efficient hardening strategies for organizational networks. Most techniques for ranking vulnerabilities either do not scale well, eg brute-force attack plan enumeration, or are not well suited for the analysis of logical attack graphs, eg centrality measures.",

author = "Tom Gonda and Guy Shani and Rami Puzis and Bracha Shapira",

year = "2017",

language = "English",

volume = "41",

booktitle = "IWAISe: First International Workshop on Artificial Intelligence in Security",

}

TY - GEN

T1 - Ranking vulnerability fixes using planning graph analysis

AU - Gonda, Tom

AU - Shani, Guy

AU - Puzis, Rami

AU - Shapira, Bracha

PY - 2017

Y1 - 2017

N2 - During the past years logical attack graphs were used to find the most critical vulnerabilities and devise efficient hardening strategies for organizational networks. Most techniques for ranking vulnerabilities either do not scale well, eg brute-force attack plan enumeration, or are not well suited for the analysis of logical attack graphs, eg centrality measures.

AB - During the past years logical attack graphs were used to find the most critical vulnerabilities and devise efficient hardening strategies for organizational networks. Most techniques for ranking vulnerabilities either do not scale well, eg brute-force attack plan enumeration, or are not well suited for the analysis of logical attack graphs, eg centrality measures.

M3 - Conference contribution

VL - 41

BT - IWAISe: First International Workshop on Artificial Intelligence in Security

ER -

Ranking vulnerability fixes using planning graph analysis

Abstract

Fingerprint

Cite this