On the Benefits of Vulnerability Data Consolidation in Application Security

Authors

  • Santanam Kasturi Indiana State University
  • Xiaolong Li Dept. of Electronics and Computer Engineering, Indiana State University, Terre Haute, USA
  • Peng Li Dept. of Technology Systems, East Carolina University, Greenville, USA
  • John Pickard Dept. of Technology Systems, East Carolina University, Greenville, USA

DOI:

https://doi.org/10.34190/iccws.19.1.2086

Keywords:

Data Consolidation, Attack Surface, SIEM, XSOAR, SOAR, XDR, Vulnerability Correlation, Deep Learning

Abstract

This research aims to build upon a conceptual idea of consolidating all application security vulnerability data from monitoring, detection, and discovery tools into a physical system that allows for convergence of observation and response to an event that is a threat. Multiple application security testing and monitoring tools are deployed at different layers of an application architecture, each capturing the activities that occur at its layer. This multi-layer data capture is disconnected, without any analysis of data lineage from the externally exposed web attack surface down into the application and data layers. Only through this data consolidation can one provide a reliable statistical analysis that correlates multiple vulnerability information, synthesizes an attack pattern, and predicts possible events accurately. This paper discusses the benefits of such a system, including how one can organize the data, identify temporal and spatial correlation of events, focus on specific web requests that point to a specific vulnerability, and formulate a fast response to such events. Advantages of integrating with Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR/XSOAR), and Extended Detection and Response (XDR) are briefly discussed. The analysis can be further used to develop a predictive system based on deep learning (DL) techniques that use correlation of application security vulnerability information.

Author Biographies

Xiaolong Li, Dept. of Electronics and Computer Engineering, Indiana State University, Terre Haute, USA

Dr. Xiaolong Li is a professor in the Department of Electronics and Computer Engineering Technology at Indiana State University. He received his PhD in Computer Engineering from the University of Cincinnati in 2006. His primary areas of research include modeling and performance analysis of MAC protocol, Internet of Things, Wireless Ad Hoc networks, and sensor networks.

Peng Li, Dept. of Technology Systems, East Carolina University, Greenville, USA

Dr. Peng Li received his Ph.D. in Electrical Engineering from the University of Connecticut. His professional certifications include CISSP, RHCE and VCP. Dr. Li is currently an Associate Professor at East Carolina University. He teaches undergraduate and graduate courses in programming, computer networks, information security, web services and virtualization technologies. His research interests include virtualization, cloud computing, cybersecurity, and integration of information technology in education.

John Pickard, Dept. of Technology Systems, East Carolina University, Greenville, USA

Dr. John Pickard is a professor of Information and Cybersecurity Technology at East Carolina University, North Carolina, USA. He received his PhD in Technology Management from Indiana State University in 2014. His main research areas are internet protocols, convergence of information and operations technologies, and Internet of Things applications.

Published

2024-03-21