Designing Scalable and Effective Decision Support for Mitigating Attacks in Large Enterprise Networks
Managing numerous security vulnerabilities has long been a difficult and daunting task especially due to the complexity, heterogeneity, and various operational constraints of the network. In this paper, the authors focus on the task of mitigating and managing network-device-specific vulnerabilities automatically and intelligently. They achieve the goal by a scalable, interactive, topology-aware framework that can provide mitigation actions at selectively chosen devices. The intuition behind their work is that more and more network devices are becoming security-capable so that they can be collectively used to achieve security goals while satisfying certain network policies.