Analysis of vulnerability assessment results based on CAOS

Producció científica: Article en revista indexadaArticleAvaluat per experts

11 Cites (Scopus)

Resum

Information system security must battle regularly with new threats that jeopardize the protection of those systems. Security tests have to be run periodically not only to identify vulnerabilities but also to control information systems, network devices, services and communications. Vulnerability assessments gather large amounts of data to be further analyzed by security experts, who recently have started using data analysis techniques to extract useful knowledge from these data. With the aim of assisting this process, this work presents CAOS, an evolutionary multiobjective approach to be used to cluster information of security tests. The process enables the clustering of the tested devices with similar vulnerabilities to detect hidden patterns, rogue or risky devices. Two different types of metrics have been selected to guide the discovery process in order to get the best clustering solution: general-purpose and specific-domain objectives. The results of both approaches are compared with the state-of-the-art single-objective clustering techniques to corroborate the benefits of the clustering results to security analysts.

Idioma originalAnglès
Pàgines (de-a)4321-4331
Nombre de pàgines11
RevistaApplied Soft Computing Journal
Volum11
Número7
DOIs
Estat de la publicacióPublicada - d’oct. 2011

Fingerprint

Navegar pels temes de recerca de 'Analysis of vulnerability assessment results based on CAOS'. Junts formen un fingerprint únic.

Com citar-ho