A MULTI-LAYER TREE MODEL FOR ENTERPRISE VULNERABILITY MANAGEMENT

Bin Wu, Andy Ju An Wang

2011

Abstract

Conducting enterprise-wide vulnerability assessment (VA) on a regular basis plays an important role in assessing an enterprise’s information system security status. However, an enterprise network is always very complex, separated into different types of zones, and consisting of hundreds of hosts. The complexity of IT systems makes VA an extremely time-consuming task for security professionals, who are seeking an automated tool that helps monitor and manage the overall vulnerability of an enterprise. This paper presents a novel methodology that provides a dashboard solution for managing enterprise-level vulnerability. In our methodology, we develop a multi-layer tree-based model to describe enterprise vulnerability topology. Then we apply a client/server structure to gather vulnerability information from enterprise resources automatically. Finally, a set of well-defined metric formulas is applied to produce a normalized vulnerability score for the whole enterprise. We also developed an implementation of our methodology, EVMAT, an Enterprise Vulnerability Management and Assessment Tool, to test our method. Experiments on a small e-commerce company and a small IT company demonstrate the great potential of our tool for enterprise-level security.



Paper Citation


in Harvard Style

Wu B. and Ju An Wang A. (2011). A MULTI-LAYER TREE MODEL FOR ENTERPRISE VULNERABILITY MANAGEMENT. In Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 4: ICEIS, ISBN 978-989-8425-56-0, pages 389-394. DOI: 10.5220/0003466603890394


in Bibtex Style

@conference{iceis11,
author={Bin Wu and Andy Ju An Wang},
title={A MULTI-LAYER TREE MODEL FOR ENTERPRISE VULNERABILITY MANAGEMENT},
booktitle={Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 4: ICEIS,},
year={2011},
pages={389-394},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003466603890394},
isbn={978-989-8425-56-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Conference on Enterprise Information Systems - Volume 4: ICEIS,
TI - A MULTI-LAYER TREE MODEL FOR ENTERPRISE VULNERABILITY MANAGEMENT
SN - 978-989-8425-56-0
AU - Wu B.
AU - Ju An Wang A.
PY - 2011
SP - 389
EP - 394
DO - 10.5220/0003466603890394

