Wagner Medeiros dos Santos

Topic: 
Risk metrics for vulnerabilities
Research work: 

In a scenario, where a network administrator is analyzing a particular vulnerability in the company's network environment, where in this environment we have two levels of switches, edges switches connected to a core switch that is the output to the internet. The edges switches would be interconnecting the various hosts of the edge switch (servers, computers, etc.) and would have separate network traffic in sub-nets.
The network administrator could use the scores provided by CVSS to analyze the vulnerability found. The vulnerability detected in a particular node of the network using the environment metrics should be analyzed in another determined node of the network following all the necessary procedures so that the obtained result is the best possible for correction and repair of the problem.
In this small scenario we have already identified that the administrator will repeat the analysis of the same vulnerability in several locations and that the result will depend on the administrator's expertise and that it will take a long time to complete. For most companies that need a professional qualified to perform this service, that is, with network environments often larger than what we exemplify, this activity of the administrator becomes very difficult, conducive to human failure and financially very costly.
Thus, we envision a currently existing gap in a solution to try to help the network administrator do the vulnerability analysis activity, using the environmental metrics in an automated way, where an application would help in analyzing, correcting and repairing the problem in a more quickly, secure and financially less expensive.
Our research proposal is to seek a solution to automate the analysis and solution activity performed by the administrator in relation to environmental metrics. Thus, reducing the effective costs related to this activity.