Patching Assignment Optimization for Security Vulnerabilities

Patching Assignment Optimization for Security Vulnerabilities

 

Shao-Ming Tong, Chien-Cheng Huang, Feng-Yu Lin and Yeali Sun

Department of Information Management, National Taiwan University, Taiwan

 

Abstract: This research is focusing on how IT support center applies the limited resources to elaborate a vulnerability patch in face of its disclosure in a system. We propose the most optimized procedure to design the patch in question and let second-tier security engineer handle the update for vulnerabilities with patch release. While the frontline security engineer are able to provide a firewall to hold the leakage plus create and update the patch in the shortest amount of time. In face of, some system vulnerabilities, the frontline security engineer has to build up a prevention procedure before the patch is released. The strategy of this study is to focus on the transfer of patch demand to the adequate system engineer in a mathematical programming problem module. Within it the objective function is minimized to pursue the shortest amount of survival time for the vulnerability (before the patch is released), we also added some related constraints. The main contributions of this study is a non-linear non-convex mixed integer programming problem formulation for patching assignment optimization and a near optimal solution approach.

Keywords: Vulnerability, patch management, assignment algorithm, optimization, mathematical programming, near optimal solution

Received September 4, 2013; accepted June 29, 2014

Read 1972 times
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…