Entry Serra:2015:POA from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017


BibTeX entry

@Article{Serra:2015:POA,
  author =       "Edoardo Serra and Sushil Jajodia and Andrea Pugliese
                 and Antonino Rullo and V. S. Subrahmanian",
  title =        "{Pareto}-Optimal Adversarial Defense of Enterprise
                 Systems",
  journal =      j-TISSEC,
  volume =       "17",
  number =       "3",
  pages =        "11:1--11:??",
  month =        mar,
  year =         "2015",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/2699907",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Fri Mar 27 17:03:46 MDT 2015",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "The National Vulnerability Database (NVD) maintained
                 by the US National Institute of Standards and
                 Technology provides valuable information about
                 vulnerabilities in popular software, as well as any
                 patches available to address these vulnerabilities.
                 Most enterprise security managers today simply patch
                 the most dangerous vulnerabilities---an adversary can
                 thus easily compromise an enterprise by using less
                 important vulnerabilities to penetrate an enterprise.
                 In this article, we capture the vulnerabilities in an
                 enterprise as a Vulnerability Dependency Graph (VDG)
                 and show that attack graphs can be expressed in them.
                 We first ask the question: What set of vulnerabilities
                 should an attacker exploit in order to maximize his
                 expected impact? We show that this problem can be
                 solved as an integer linear program. The defender would
                 obviously like to minimize the impact of the worst-case
                 attack mounted by the attacker---but the defender also
                 has an obligation to ensure a high productivity within
                 his enterprise. We propose an algorithm that finds a
                 Pareto-optimal solution for the defender that allows
                 him to simultaneously maximize productivity and
                 minimize the cost of patching products on the
                 enterprise network. We have implemented this framework
                 and show that runtimes of our computations are all
                 within acceptable time bounds even for large VDGs
                 containing 30K edges and that the balance between
                 productivity and impact of attacks is also
                 acceptable.",
  acknowledgement = ack-nhfb,
  articleno =    "11",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
}

Related entries