Vulnerability Maintenance and Related Topics
Every month organizations scan their hosts (PCs, servers, printers...)
to detect vulnerabilities and they find a lot of them. Many hosts have no known vulnerabilties but a substantial fraction
Another complication is that almost one third (from our
data) of vulnerabilities are eliminated by automatic patching monthly without any action from local administrators.
Generally, local administrators are under budgeted and lack clear direction about
which patches should be applied to which hosts. They also have limited data. Our techniques provide an expert system to suggest
specific actions including resource or data recruitment. Compared with other similar techniques also based on "Markov
Decision Processes" our are innovative in that they provide a new type of diagnostic information about how trustworthy
the recommendations are.