Título: Software - Practice and ExperienceImportada do Authenticus Pesquisar Publicações da Revista

Vol. 55

Páginas: 1915-1930

ISSN: 0038-0644

Editora: Wiley-Blackwell

ISI Web of Knowledge - 0 Citações

Scopus - 0 Citações

CORDIS: Ciências Tecnológicas > Engenharia > Engenharia de computadores

FOS: Ciências da engenharia e tecnologias > Engenharia electrotécnica, electrónica e informática

ID Authenticus: P-019-X93

DOI: 10.1002/spe.70016

Abstract (EN): Background Intrusion Tolerant Systems (ITS) aim to maintain system security despite adversarial presence by limiting the impact of successful attacks. Current ITS risk managers rely heavily on public databases like NVD and Exploit DB, which suffer from long delays in vulnerability evaluation, reducing system responsiveness.Objective This work extends the HAL 9000 Risk Manager to integrate additional real-time threat intelligence sources and employ machine learning techniques to automatically predict and reassess vulnerability risk scores, addressing limitations of existing solutions.Methods A custom-built scraper collects diverse cybersecurity data from multiple Open Source Intelligence (OSINT) platforms, such as NVD, CVE, AlienVault OTX, and OSV. HAL 9000 uses machine learning models for CVE score prediction, vulnerability clustering through scalable algorithms, and reassessment incorporating exploit likelihood and patch availability to dynamically evaluate system configurations.Results Integration of newly scraped data significantly enhances the risk management capabilities, enabling faster detection and mitigation of emerging vulnerabilities with improved resilience and security. Experiments show HAL 9000 provides lower risk and more resilient configurations compared to prior methods while maintaining scalability and automation.Conclusions The proposed enhancements position HAL 9000 as a next-generation autonomous Risk Manager capable of effectively incorporating diverse intelligence sources and machine learning to improve ITS security posture in dynamic threat environments. Future work includes expanding data sources, addressing misinformation risks, and real-world deployments.

Idioma: Inglês

Tipo (Avaliação Docente): Científica

Nº de páginas: 16