A model-based mode-switching framework based on security vulnerability scores

Software vulnerabilities can affect critical systems within an organization impacting processes, workflows, privacy, and safety. When a software vulnerability becomes known, affected are at risk until appropriate updates become available eventually deployed. This period last from few days to several months, during which attackers develop exploits take advantage of the vulnerability. It is tedious time-consuming keep track manually perform necessary actions shut down, update, or modify systems. Vulnerabilities system components, such as web server, but sometimes only target specific versions component combinations. In this paper, we propose novel approach for automated mode switching support administrators in dealing with reducing exposure. We rely on model-driven techniques use multi-modal architecture react discovered provide contingency support. have developed dedicated domain-specific language describe potential mitigation switches. evaluated our server case study, analyzing historical data. Based scores sum, demonstrated that less vulnerable modes reduced attack surface 98.9% analyzed time. Editor’s note: Open Science material was validated by Journal Systems Board.