-
A Relevance Model for Threat-Centric Ranking of Cybersecurity Vulnerabilities
Authors:
Corren McCoy,
Ross Gore,
Michael L. Nelson,
Michele C. Weigle
Abstract:
The relentless process of tracking and remediating vulnerabilities is a top concern for cybersecurity professionals. The key challenge is trying to identify a remediation scheme specific to in-house, organizational objectives. Without a strategy, the result is a patchwork of fixes applied to a tide of vulnerabilities, any one of which could be the point of failure in an otherwise formidable defens…
▽ More
The relentless process of tracking and remediating vulnerabilities is a top concern for cybersecurity professionals. The key challenge is trying to identify a remediation scheme specific to in-house, organizational objectives. Without a strategy, the result is a patchwork of fixes applied to a tide of vulnerabilities, any one of which could be the point of failure in an otherwise formidable defense. Given that few vulnerabilities are a focus of real-world attacks, a practical remediation strategy is to identify vulnerabilities likely to be exploited and focus efforts towards remediating those vulnerabilities first. The goal of this research is to demonstrate that aggregating and synthesizing readily accessible, public data sources to provide personalized, automated recommendations for organizations to prioritize their vulnerability management strategy will offer significant improvements over using the Common Vulnerability Scoring System (CVSS). We provide a framework for vulnerability management specifically focused on mitigating threats using adversary criteria derived from MITRE ATT&CK. We test our approach by identifying vulnerabilities in software associated with six universities and four government facilities. Ranking policy performance is measured using the Normalized Discounted Cumulative Gain (nDCG). Our results show an average 71.5% - 91.3% improvement towards the identification of vulnerabilities likely to be targeted and exploited by cyber threat actors. The return on investment (ROI) of patching using our policies results in a savings of 23.3% - 25.5% in annualized costs. Our results demonstrate the efficacy of creating knowledge graphs to link large data sets to facilitate semantic queries and create data-driven, flexible ranking policies.
△ Less
Submitted 9 June, 2024;
originally announced June 2024.
-
University Twitter Engagement: Using Twitter Followers to Rank Universities
Authors:
Corren G. McCoy,
Michael L. Nelson,
Michele C. Weigle
Abstract:
We examine and rank a set of 264 U.S. universities extracted from the National Collegiate Athletic Association (NCAA) Division I membership and global lists published in U.S. News, Times Higher Education, Academic Ranking of World Universities, and Money Magazine. Our University Twitter Engagement (UTE) rank is based on the friend and extended follower network of primary and affiliated secondary T…
▽ More
We examine and rank a set of 264 U.S. universities extracted from the National Collegiate Athletic Association (NCAA) Division I membership and global lists published in U.S. News, Times Higher Education, Academic Ranking of World Universities, and Money Magazine. Our University Twitter Engagement (UTE) rank is based on the friend and extended follower network of primary and affiliated secondary Twitter accounts referenced on a university's home page. In rank-to-rank comparisons we observed a significant, positive rank correlation (τ=0.6018) between UTE and an aggregate reputation ranking which indicates that UTE could be a viable proxy for ranking atypical institutions normally excluded from traditional lists. In addition, we significantly reduce the cost of data collection needed to rank each institution by using only web-based artifacts and a publicly accessible Twitter application programming interface (API).
△ Less
Submitted 18 August, 2017;
originally announced August 2017.
-
Minimizing the average distance to a closest leaf in a phylogenetic tree
Authors:
Frederick A. Matsen,
Aaron Gallagher,
Connor McCoy
Abstract:
When performing an analysis on a collection of molecular sequences, it can be convenient to reduce the number of sequences under consideration while maintaining some characteristic of a larger collection of sequences. For example, one may wish to select a subset of high-quality sequences that represent the diversity of a larger collection of sequences. One may also wish to specialize a large datab…
▽ More
When performing an analysis on a collection of molecular sequences, it can be convenient to reduce the number of sequences under consideration while maintaining some characteristic of a larger collection of sequences. For example, one may wish to select a subset of high-quality sequences that represent the diversity of a larger collection of sequences. One may also wish to specialize a large database of characterized "reference sequences" to a smaller subset that is as close as possible on average to a collection of "query sequences" of interest. Such a representative subset can be useful whenever one wishes to find a set of reference sequences that is appropriate to use for comparative analysis of environmentally-derived sequences, such as for selecting "reference tree" sequences for phylogenetic placement of metagenomic reads. In this paper we formalize these problems in terms of the minimization of the Average Distance to the Closest Leaf (ADCL) and investigate algorithms to perform the relevant minimization. We show that the greedy algorithm is not effective, show that a variant of the Partitioning Among Medoids (PAM) heuristic gets stuck in local minima, and develop an exact dynamic programming approach. Using this exact program we note that the performance of PAM appears to be good for simulated trees, and is faster than the exact algorithm for small trees. On the other hand, the exact program gives solutions for all numbers of leaves less than or equal to the given desired number of leaves, while PAM only gives a solution for the pre-specified number of leaves. Via application to real data, we show that the ADCL criterion chooses chimeric sequences less often than random subsets, while the maximization of phylogenetic diversity chooses them more often than random. These algorithms have been implemented in publicly available software.
△ Less
Submitted 31 August, 2012; v1 submitted 30 May, 2012;
originally announced May 2012.