Browse Prior Art Database

Method of predicting that an application will be hacked Disclosure Number: IPCOM000233183D
Publication Date: 2013-Nov-29
Document File: 2 page(s) / 71K

Publishing Venue

The Prior Art Database


Disclosed is a formula that computes the likelihood of a hacker attack on an application that is installed within an organization.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 2

Method of predicting that an application will be hacked

A method is needed that enables a security professional to know which software applications are likely the next targets for hacking.

Security Risk Assessment methodologies exist; however, taking the Security Risk

Assessment to the next level to predict the likelihood of attack has not yet been done.

The novel contribution is a formula that computes the likelihood of an attack on an application. This formula is applied to all the individual applications owned and installed within an organization. The formula then computes a score. The higher the score, the more likely it is that an application will be hacked.

The formula to compute the Attack Likelihood uses five main factor categories:

• Type of data that the application contains (e.g., military, banking, insurance). The justification is that the more sensitive information an application contains, the greater the likelihood that it is a hacking target.

• History of attacks to the organization. The justification is that attackers are likely to re-try old attacks or execute new attacks on previously targeted hosts.

• Vulnerability Information, such as information about vulnerabilities and associated numbers such as: (current methods of quantification are accepted by the security community)

- Level of criticality of the application to the organization

- Level of ease with which a hacker can identify vulnerabilities

- Level of severity of the application vulnerabilities

- Location of application deployment (e.g., internal network, perimeter network, etc.)

- Whether the vulnerabilities are publicly disclosed

• Asset profile of the network asset upon which the application is deployed. The justification is that an application also depends on the computer on which it is deployed. A vulnerable network asset jeopardizes all the applications

that are deployed on it

• Neighbors' Attack Likelihood of all the other applications that co-exist on the same network asset. T...