Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Enhancing Vulnerability Management in Large Organisations through Machine Learning - Based Prioritisation: A Case Study
Högskolan Väst, Institutionen för hälsovetenskap.
2023 (engelsk)Independent thesis Advanced level (degree of Master (One Year)), 10 poäng / 15 hpOppgave
Abstract [en]

The number of vulnerabilities is increasing daily, and organisations are flooded by vulnerabilities in their IT environment. The increasing number of vulnerabilities in organisations' IT environments presents a significant challenge, requiring effective identification and prioritisation of critical vulnerabilities. Different techniques exist to this date, such as CVSS scoring or Risk-based scoring from solution providers to perform prioritisation of vulnerabilities. However, large industries with extensive assets often face difficulty in managing and fixing a large pool of vulnerabilities, as traditional techniques tend to classify numerous vulnerabilities as high or critical. This study proposes a machine learning model based on the K-means++clustering technique that leverages vulnerability data and asset financial value assessments to find patterns within vulnerability and group the most critical vulnerabilities. Our study successfully determined a group of the most critical vulnerabilities from a sample dataset of vulnerabilities from one of the large organisations. By considering the financial value of assets, our solution demonstrates a more accurate prioritisation, enabling organisations to allocate resources effectively and address the most critical vulnerabilities first. This study enhances vulnerability management practices in large organisations and serves as a foundation for further research and development in vulnerability prioritisation using machine learning techniques

sted, utgiver, år, opplag, sider
2023. , s. 38
Emneord [en]
Vulnerability Prioritisation, Machine learning, Vulnerability Management, CVSS, Risk-based prioritisation
HSV kategori
Identifikatorer
URN: urn:nbn:se:hv:diva-20794Lokal ID: EXD600OAI: oai:DiVA.org:hv-20794DiVA, id: diva2:1798788
Fag / kurs
Computer engineering
Utdanningsprogram
Master in Cybersecurity
Veileder
Examiner
Tilgjengelig fra: 2023-10-04 Laget: 2023-09-20 Sist oppdatert: 2023-10-04bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric

urn-nbn
Totalt: 191 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf