Title
How to Notify a Vulnerability to the Right Person? Case Study: In an ISP Scope.
Abstract
Informing the right person is an important step in network security incident response. In previous studies, researchers focused on the email notification mode across the whole Internet, and the main objective was to find an effective mode to notify the ISP or the related institutions. In this paper, we extend previous research to an ISP scope. We plan to analyze the factors that can affect the effectiveness of notification in an ISP scope and try to find some reasonable vulnerability notification modes for ISPs to use. We use a Chinese ISP, CERNET, as a research case: we identify three different types of vulnerabilities among the customers of CERNET and notify them through three different notification methods (Customer Service Phone, Email and Instant Messenger). Then we analyze all the feedback from customers and study the effectiveness of each notification method. Through the study we find that customers pay more attention to high-risk vulnerabilities, while other potential risks have not been given adequate attention. We also find that the current vulnerability notification mode for ISPs is not perfect. IM (Instant Messenger) is the most effective way to notify a vulnerability, but it is not commonly used. For different types of vulnerabilities, the remediation ratio may be related to the role of the person we notify: more complex vulnerabilities require notifying a person with higher-level technical capability, while vulnerabilities related to an application system require notifying the person who has the authority to fix them. If we do not find the right contact, repeated notification is useless. Finally, to improve the effectiveness of notification, we propose establishing an IM group in an ISP scope with the participation of network operation directors, security operation experts, system administrators, etc. of each customer.
Year: 2017
Venue: IEEE Global Communications Conference
Field: Telecommunications network, Web page, Computer science, Computer security, Server, Network security, Computer network, Phone, Instant messenger, The Internet, Vulnerability
DocType: Conference
ISSN: 2334-0983
Citations: 0
PageRank: 0.34
References: 0
Authors: 4
| Name | Order | Citations | PageRank |
|---|---|---|---|
| Zhang Jia | 1 | 12 | 3.97 |
| Haixin Duan | 2 | 237 | 36.86 |
| Wu Liu | 3 | 14 | 7.13 |
| Xingkun Yao | 4 | 0 | 0.34 |