Patch management is a crucial component of IT security programs. An important problem within this context is to determine how often to update the systems with necessary patches. Keeping the systems patched with more frequent patch updates increases operational costs while reducing security risks. On the other hand, leaving the systems unpatched with less frequent patch updates decreases operational costs while increasing security risks. In this paper we develop a game theoretic model to derive the optimal frequency of patch updates to balance the operational costs and damage costs associated with security vulnerabilities. We first analyze a centralized system in a benchmark case to find the socially optimal patch management policy and assoc...
Cyber-attacks are growing more frequent and sophisticated, and they are impacting businesses of all ...
Cyber hygiene measures are often recommended for strengthening an organization’s security posture, e...
© 2019 Kaifan Huang et al. To restrain escalating computer viruses, new virus patches must be c...
We develop and simulate a basic mathematical model of the costly deployment of software patches in t...
Part 11: Security Economics. International audience. Patch management of networks is essential to mitiga...
We study the effect of user incentives on software security in a network of individual users under c...
Abstract—In this paper we quantitatively evaluate dependability/security of a computer-based system...
Software vulnerabilities represent a serious threat to cybersecurity, most cyberattacks exploit know...
Patching vulnerabilities is one of the key activities in security management. For most commercial sy...
Internet worms spread in an automated fashion and can cause tremendous damage in a short period. As ...
Security Patch Management Program. Patch Management is an easy concept to understand, but a challenge...
In this paper we present a novel approach of using mathematical models and stochastic simulations to...
This document aims to provide a complete discussion on vulnerability and patch management. The first...
When a piece of software is loaded on an untrusted machine it can be analyzed by an attacker who cou...
We present an economic model of fixing or patching a software problem after the product has been rel...