Title | A Machine Learning-Based Approach for Automated Vulnerability Remediation Analysis |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Zhang, Fengli, Huff, Philip, McClanahan, Kylie, Li, Qinghua |
Conference Name | 2020 IEEE Conference on Communications and Network Security (CNS) |
Keywords | Automation, composability, machine learning, Metrics, Organizations, power grid, power grid vulnerability, power grid vulnerability analysis, power grids, Power industry, pubcrawl, Resiliency, security, Standards organizations, vulnerability and patch management |
Abstract | Security vulnerabilities in firmware/software pose an important threat ton power grid security, and thus electric utility companies should quickly decide how to remediate vulnerabilities after they are discovered. Making remediation decisions is a challenging task in the electric industry due to the many factors to consider, the balance to maintain between patching and service reliability, and the large amount of vulnerabilities to deal with. Unfortunately, remediation decisions are current manually made which take a long time. This increases security risks and incurs high cost of vulnerability management. In this paper, we propose a machine learning-based automation framework to automate remediation decision analysis for electric utilities. We apply it to an electric utility and conduct extensive experiments over two real operation datasets obtained from the utility. Results show the high effectiveness of the solution. |
DOI | 10.1109/CNS48642.2020.9162309 |
Citation Key | zhang_machine_2020 |