Visible to the public A Machine Learning-Based Approach for Automated Vulnerability Remediation Analysis

TitleA Machine Learning-Based Approach for Automated Vulnerability Remediation Analysis
Publication TypeConference Paper
Year of Publication2020
AuthorsZhang, Fengli, Huff, Philip, McClanahan, Kylie, Li, Qinghua
Conference Name2020 IEEE Conference on Communications and Network Security (CNS)
KeywordsAutomation, composability, machine learning, Metrics, Organizations, power grid, power grid vulnerability, power grid vulnerability analysis, power grids, Power industry, pubcrawl, Resiliency, security, Standards organizations, vulnerability and patch management
AbstractSecurity vulnerabilities in firmware/software pose an important threat ton power grid security, and thus electric utility companies should quickly decide how to remediate vulnerabilities after they are discovered. Making remediation decisions is a challenging task in the electric industry due to the many factors to consider, the balance to maintain between patching and service reliability, and the large amount of vulnerabilities to deal with. Unfortunately, remediation decisions are current manually made which take a long time. This increases security risks and incurs high cost of vulnerability management. In this paper, we propose a machine learning-based automation framework to automate remediation decision analysis for electric utilities. We apply it to an electric utility and conduct extensive experiments over two real operation datasets obtained from the utility. Results show the high effectiveness of the solution.
DOI10.1109/CNS48642.2020.9162309
Citation Keyzhang_machine_2020