Paper Info
Title
Smart Vulnerability Assessment for Scientific Cyberinfrastructure: An Unsupervised Graph Embedding Approach
Abstract
The accelerated growth of computing technologies has provided interdisciplinary teams a platform for producing innovative research at an unprecedented speed. Advanced scientific cyberinfrastructures, in particular, provide data storage, applications, software, and other resources to facilitate the development of critical scientific discoveries. Users of these environments often rely on custom developed virtual machine (VM) images that are comprised of a diverse array of open source applications. These can include vulnerabilities undetectable by conventional vulnerability scanners. This research aims to identify the installed applications, their vulnerabilities, and how they vary across images in scientific cyberinfrastructure. We propose a novel unsupervised graph embedding framework that captures relationships between applications, as well as vulnerabilities identified on corresponding GitHub repositories. This embedding is used to cluster images with similar applications and vulnerabilities. We evaluate cluster quality using Silhouette, Calinski-Harabasz, and Davies-Bouldin indices, and application vulnerabilities through inspection of selected clusters. Results reveal that images pertaining to genomics research in our research testbed are at greater risk of high-severity shell spawning and data validation vulnerabilities.
Year
DOI
Venue
2020
10.1109/ISI49825.2020.9280545
2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
Keywords
DocType
ISBN
Scientific cyberinfrastructure,vulnerability scanning,Graph Embedding,GitHub,virtual machine
Conference
978-1-7281-8801-0
Citations 
PageRank 
References 
0
0.34
0
Authors
7
Name
Order
Citations
PageRank
Steven Ullman100.34
Sagar Samtani2319.09
Ben Lazarine300.34
Hongyi Zhu435.21
Benjamin Ampel500.34
Mark W. Patton6104.28
Hsinchun Chen79569813.33