US 12,238,132 B2
Method and system for facilitating a ranking score using attack volume to find optimal configurations
Massimiliano Albanese, Potomac, MD (US); Ibifubara Iganibo, Fairfax, VA (US); Marc E. Mosko, Santa Cruz, CA (US); and Alejandro E. Brito, Mountain View, CA (US)
Assigned to Xerox Corporation, Norwalk, CT (US)
Filed by Palo Alto Research Center Incorporated, Palo Alto, CA (US)
Filed on Jun. 3, 2022, as Appl. No. 17/831,848.
Claims priority of provisional application 63/334,032, filed on Apr. 22, 2022.
Prior Publication US 2023/0344855 A1, Oct. 26, 2023
Int. Cl. H04L 9/40 (2022.01); H04L 41/0816 (2022.01)
CPC H04L 63/1433 (2013.01) [H04L 41/0816 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1466 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-executable method, comprising:
determining, in a graph which represents a system of components:
vulnerability nodes which represent known vulnerabilities to the system, wherein exposed vulnerability nodes represent vulnerabilities at a perimeter of the system and non-exposed vulnerability nodes represent vulnerabilities not at the perimeter of the system, and
wherein the exposed vulnerability nodes are each associated with a first likelihood of exploitation and the non-exposed vulnerability nodes are each associated with a second likelihood of exploitation based on a prior likelihood associated with a prior vulnerability node which enables a respective non-exposed vulnerability node; and
dependency nodes which represent the components in the system,
wherein direct dependency nodes are each associated with an exposure factor which indicates an amount of degradation caused to a respective component based on exploitation of a respective vulnerability which directly degrades the respective component;
calculating, across all the non-exposed vulnerability nodes and all the direct dependency nodes, a score which indicates an attack volume of the system using a metric which is based on at least:
a respective second likelihood associated with a first non-exposed vulnerability node;
an exposure factor associated with a respective dependency node which represents a component directly degraded based on exploitation of a vulnerability represented by the first non-exposed vulnerability node; and
a loss of utility of the component represented by the respective dependency node,
wherein the score is calculated for one or more configurations of the system of components; and
selecting, based on the calculated score for the one or more configurations of the system of components, a first configuration of the one or more configurations of the system of components which optimizes a configuration of the system.
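The following is an added worked illustration of the scoring that claim 1 describes; it is not code from the patent or its assignee, and the claim does not state the formulas, so the concrete choices below are assumptions: a non-exposed node's likelihood is taken as the enabling (prior) node's likelihood multiplied by a local success probability, the per-node term of the attack-volume metric is likelihood times exposure factor times the component's loss of utility, the exposure factor is stored on the vulnerability that directly degrades the component, and the configuration with the lowest score is selected as the optimum. Node names, probabilities, utilities and the three configurations are constructed for the example.

```python
"""Illustrative attack-volume scoring over a vulnerability/dependency graph.

Added example, not the patented method's implementation. All identifiers and
numbers below are constructed; the formulas are assumptions (see comments).
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class VulnNode:
    """A vulnerability node (hypothetical identifier)."""
    name: str
    exposed: bool                     # True: perimeter node, first likelihood given directly
    p_exploit: float                  # exposed: first likelihood; non-exposed: assumed success prob given the enabler
    enabled_by: Optional[str] = None  # prior vulnerability node that enables this one (non-exposed only)
    degrades: Optional[str] = None    # component directly degraded on exploitation, if any
    exposure_factor: float = 0.0      # amount of degradation caused to that component (0..1)


@dataclass
class Component:
    """A dependency node: a component and the utility lost if it is fully degraded (assumed units)."""
    name: str
    loss_of_utility: float


@dataclass
class Configuration:
    label: str
    vulns: Dict[str, VulnNode]
    components: Dict[str, Component]


def likelihoods(cfg: Configuration) -> Dict[str, float]:
    """First likelihood for exposed nodes; second likelihood for non-exposed nodes,
    assumed here as prior-node likelihood * local success probability."""
    memo: Dict[str, float] = {}

    def lk(name: str, path=()) -> float:
        if name in memo:
            return memo[name]
        if name in path:
            raise ValueError(f"enabling cycle through {name}")
        v = cfg.vulns[name]
        if v.exposed:
            val = v.p_exploit
        else:
            if v.enabled_by is None:
                raise ValueError(f"non-exposed node {name} has no enabling node")
            val = lk(v.enabled_by, path + (name,)) * v.p_exploit
        memo[name] = val
        return val

    for n in cfg.vulns:
        lk(n)
    return memo


def attack_volume(cfg: Configuration) -> float:
    """Sum over non-exposed nodes that directly degrade a component of
    likelihood * exposure_factor * loss_of_utility (assumed metric form)."""
    lks = likelihoods(cfg)
    total = 0.0
    for v in cfg.vulns.values():
        if v.exposed or v.degrades is None:
            continue
        comp = cfg.components[v.degrades]
        total += lks[v.name] * v.exposure_factor * comp.loss_of_utility
    return total


def select_configuration(cfgs: List[Configuration]) -> Configuration:
    """Assumed optimisation criterion: the configuration with the smallest attack volume."""
    return min(cfgs, key=attack_volume)


def _build(label: str, p_app: float = 0.5, ef_db: float = 1.0) -> Configuration:
    # Constructed chain: perimeter v_edge enables v_app (degrades "app"), which enables v_db (degrades "db").
    vulns = {
        "v_edge": VulnNode("v_edge", exposed=True, p_exploit=0.6),
        "v_app": VulnNode("v_app", exposed=False, p_exploit=p_app, enabled_by="v_edge",
                          degrades="app", exposure_factor=0.8),
        "v_db": VulnNode("v_db", exposed=False, p_exploit=0.4, enabled_by="v_app",
                         degrades="db", exposure_factor=ef_db),
    }
    comps = {"app": Component("app", 50.0), "db": Component("db", 100.0)}
    return Configuration(label, vulns, comps)


BASELINE = _build("baseline")                              # attack volume 24.0
HARDENED_APP = _build("harden app service", p_app=0.1)     # attack volume 4.8
REDUNDANT_DB = _build("replicate database", ef_db=0.5)     # attack volume 18.0
CONFIGS = [BASELINE, HARDENED_APP, REDUNDANT_DB]

if __name__ == "__main__":
    for c in CONFIGS:
        print(f"{c.label:20s} attack volume = {attack_volume(c):.2f}")
    print("selected:", select_configuration(CONFIGS).label)
```

Hardening the enabling node pays off more than adding redundancy at the leaf because the reduced likelihood propagates to every non-exposed node downstream of it, whereas a lower exposure factor only shrinks one term of the sum.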