Document Type

Article

Publication Date

May 2020

Patent Number

10659488

Abstract

A statistical model for predicting an expected path length (“EPL”) of the steps of an attacker is described. The model is based on utilizing vulnerability information along with an attack graph. Using the model, it is possible to identify the interaction among vulnerabilities and individual variables or risk factors that drive the EPL. Gaining a better understanding of the relationship between the vulnerabilities and their interactions can provide security administrators with a better view and understanding of their security status. In addition, a number of different attributable variables and their contribution in estimating the EPL can be ranked. Thus, it is possible to utilize the ranking process to take precautions and actions to minimize the EPL.

Application Number

15/907968

Assignees

University of South Florida

Filing Date

02/28/2018

Share

COinS