Method and system for facilitating a ranking score using attack volume to find optimal configurations

Assignee

• Xerox Corporation · US

Inventors

• Massimiliano Albanese · Potomac, US
• Ibifubara Iganibo · Lord Fairfax Estates, US
• Marc E. Mosko · Santa Cruz, US
• Alejandro E. Brito · Mountain View, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1466
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A system determines, in a graph which represents a system of components: vulnerability nodes representing known vulnerabilities to the system, including exposed and non-exposed vulnerability nodes associated with an exploitation likelihood; and dependency nodes representing components in the system, including direct and indirect dependency nodes associated with an exposure factor indicating an amount of degradation based on exploitation of an associated vulnerability. The system calculates, across all non-exposed vulnerability nodes and all direct dependency nodes, a score which indicates an attack volume based on at least: a respective second likelihood associated with a non-exposed vulnerability node; an exposure factor associated with a dependency node which represents a component directly degraded based on exploitation of a vulnerability; and a loss of utility of the component. The score is calculated for one or more configurations of the system, and the system selects an optimal configuration based on the calculated score.