A Security Patch Management Model

T. Uemura and T. Dohi (Japan)


software security, patch management, availability, semi-Markov model, optimization.


In this paper we quantitatively evaluate the dependability/security of an intrusion-tolerant system subject to Denial of Service (DoS) attacks. More specifically, we develop a semi-Markov model describing the stochastic behavior of an intrusion-tolerant system. The optimal security patch management policy is derived analytically to maximize the steady-state system availability. We further perform a sensitivity analysis of the model parameters through numerical experiments and discuss the effectiveness of our preventive patch management policy.

