|
|
|
|
|
Software Vulnerability Patch Management with Semi-Markov Decision Process |
|
PP: 2467-2476 |
|
Author(s) |
|
Chien-Cheng Huang,
Kwo-Jean Farn,
Feng-Yu Lin,
Frank Yeong-Sung Lin,
|
|
Abstract |
|
Information security incidents frequency has been increasing dramatically, the aim of this study is to analyze the state-space
reachability problems through the transition of vulnerable status after the informative system vulnerability exposure. In this research
we took into consideration the time factor to analyze the arrival time to reachable states problem discussed in stochastic Petri nets. The
mean arrival time and variance of the process between starting from an initial state and arriving at reachable states. We will therefore
elaborate a novel model based on the semi-Markov stochastic Petri nets model for analyzing the period between the exposure of the
vulnerability and the completion of its patch. We use the semi-Markov process to analyze the state-space reachability problems of the
stochastic Petri nets, resulting in a novel model for software vulnerability patch management. Moreover, we include also the concept
of discounted multi-objective semi-Markov decision process to obtain the total of the efficient extreme point set. |
|
|
|
|
|