Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Enhancing Vulnerability Management in Large Organisations through Machine Learning - Based Prioritisation: A Case Study
Högskolan Väst, Institutionen för hälsovetenskap.
2023 (Engelska)Självständigt arbete på avancerad nivå (magisterexamen), 10 poäng / 15 hpStudentuppsats (Examensarbete)
Abstract [en]

The number of vulnerabilities is increasing daily, and organisations are flooded by vulnerabilities in their IT environment. The increasing number of vulnerabilities in organisations' IT environments presents a significant challenge, requiring effective identification and prioritisation of critical vulnerabilities. Different techniques exist to this date, such as CVSS scoring or Risk-based scoring from solution providers to perform prioritisation of vulnerabilities. However, large industries with extensive assets often face difficulty in managing and fixing a large pool of vulnerabilities, as traditional techniques tend to classify numerous vulnerabilities as high or critical. This study proposes a machine learning model based on the K-means++clustering technique that leverages vulnerability data and asset financial value assessments to find patterns within vulnerability and group the most critical vulnerabilities. Our study successfully determined a group of the most critical vulnerabilities from a sample dataset of vulnerabilities from one of the large organisations. By considering the financial value of assets, our solution demonstrates a more accurate prioritisation, enabling organisations to allocate resources effectively and address the most critical vulnerabilities first. This study enhances vulnerability management practices in large organisations and serves as a foundation for further research and development in vulnerability prioritisation using machine learning techniques

Ort, förlag, år, upplaga, sidor
2023. , s. 38
Nyckelord [en]
Vulnerability Prioritisation, Machine learning, Vulnerability Management, CVSS, Risk-based prioritisation
Nationell ämneskategori
Inbäddad systemteknik
Identifikatorer
URN: urn:nbn:se:hv:diva-20794Lokalt ID: EXD600OAI: oai:DiVA.org:hv-20794DiVA, id: diva2:1798788
Ämne / kurs
Datateknik
Utbildningsprogram
Magister i cybersäkerhet 60,0 hp
Handledare
Examinatorer
Tillgänglig från: 2023-10-04 Skapad: 2023-09-20 Senast uppdaterad: 2023-10-04Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Av organisationen
Institutionen för hälsovetenskap
Inbäddad systemteknik

Sök vidare utanför DiVA

GoogleGoogle Scholar

urn-nbn

Altmetricpoäng

urn-nbn
Totalt: 191 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf