Title: Validation of Vulnerability Prediction Model
Project Investigator: Prof. Sandeep Kumar Shukla
- Ashu Sharma
- Anand Handa
- Subhasis Mukhopadhyay
Attack path analysis is an important method for analyzing the security status of computer network, which can automatically analyze the correlation between vulnerabilities and potential threats in the system, resulting from vulnerabilities. It is a probability-based approach to predict an exploiter's means to leverage vulnerability present in IT systems and plays a guiding role in establishing network security policy. However, the validity of such predictions are not measured.
Our objectives are:
- To develop a technology to validate such predictions.
- To identify and improve upon limiting factors of vulnerability prediction model.
Experimental Testbed: DETER Lab
As DETER lab supports a variety of library of tools, interfaces, and datasets for security experiments, hence it is beneficial for us to use it in our validation of prediction models. The DETER lab platform will be used for our experimental analysis to create virtual network of various devices. Then the experiment and verification of various exploits will be conducted on the developed virtual network testbed.