Advanced search
Start date
Betweenand


Multi-objective prioritization for data center vulnerability remediation

Full text
Author(s):
Show less -
Colombelli, Felipe ; Matter, Vitor Kehl ; Grisci, Bruno Iochins ; Lima, Leomar ; Heinen, Karine ; Borges, Marcio ; Rigo, Sandro Jose ; Victoria Barbosa, Jorge Luis ; Righi, Rodrigo Da Rosa ; da Costa, Cristiano Andre ; Ramos, Gabriel De Oliveira ; IEEE
Total Authors: 12
Document type: Journal article
Source: 2022 IEEE CONGRESS ON EVOLUTIONARY COMPUTATION (CEC); v. N/A, p. 8-pg., 2022-01-01.
Abstract

Nowadays, one of the most relevant challenges of a data center is to keep its information secure. To avoid data leaks and other security problems, data centers have to manage vulnerabilities, including determining the higher-risk vulnerabilities to prioritize. However, the current literature is scarce in the proposal of intelligent methods for the complex problem of vulnerabilities prioritization. Depending on the adopted metrics, the priority could shift, compromising simple sorting-based approaches and impairing the utilization of conflicting risk assessment metrics. Unlike the related work, this study proposes a multi-objective method that uses user-chosen vulnerabilities assessment metrics to output a complete list of these vulnerabilities ranked by their risk and overall impact in the context of an organization. The method includes a multi-objective large-scale optimization problem representation, a novel population initialization scheme, an expressive fitness function, a post-optimization process, and a custom way to select the best solution among the non-dominated ones. The dataset used in the experiments contains anonymized real-world information about database vulnerabilities obtained from a private organization. The experiments' results indicated that the proposed method can reduce the number of vulnerabilities needed to reach an organization's predefined security targets compared to the baselines simulating a security team's analysis. Multi-objective optimization achieved on average a 48,17% reduction in the vulnerabilities needed to reach the organization's target values compared to the baselines. (AU)

FAPESP's process: 20/05165-1 - Communication and machine learning in urban mobility: a multiagent and multiobjective approach
Grantee:Ana Lúcia Cetertich Bazzan
Support Opportunities: Regular Research Grants