|
- 2018
Comparative analysis and patch optimization using the cyber security analytics framework

Keywords: Attack graph, Common Vulnerability Scoring System, Markov model, security metrics, cyber situational awareness, vulnerability discovery model, vulnerability lifecycle model

Abstract: Dependable metrics are one of the critical elements of an organization’s information security program and are crucial for its long-term success. Current research in the area of enterprise security metrics provides limited insight on understanding the impact that attacks have on the overall security goals of an enterprise as well as predicting the future security state of the network. In this paper we present a novel security analytics framework that takes into account both the inter-relationship between different vulnerabilities and the temporal features that evolve over time, such as the vulnerability discovery rate and the lifecycle events. We then formally define a non-homogeneous stochastic model that incorporates time-dependent covariates, namely the vulnerability age and the vulnerability discovery rate, to help visualize the future security state of the network leading to actionable knowledge and insight. We will perform a comparative analysis and also describe the patch optimization methodology by applying this model on a sample network to demonstrate the practicality of our approach.
|