Ciência_Iscte Publicações Descrição Detalhada da Publicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Polónio, J., Moura, J. & Marinheiro, R. N. (2025). Towards automatic detection and mitigation of high-risk cybersecurity vulnerabilities at networked systems. IEEE Access. 13, 181957-181976

Exportar Referência (IEEE)

J. F. Polónio et al.,  "Towards automatic detection and mitigation of high-risk cybersecurity vulnerabilities at networked systems", in IEEE Access, vol. 13, pp. 181957-181976, 2025

Exportar BibTeX

@article{polónio2025_1764930252132,
	author = "Polónio, J. and Moura, J. and Marinheiro, R. N.",
	title = "Towards automatic detection and mitigation of high-risk cybersecurity vulnerabilities at networked systems",
	journal = "IEEE Access",
	year = "2025",
	volume = "13",
	number = "",
	doi = "10.1109/ACCESS.2025.3622497",
	pages = "181957-181976",
	url = "https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639"
}

Exportar RIS

TY - JOUR
TI - Towards automatic detection and mitigation of high-risk cybersecurity vulnerabilities at networked systems
T2 - IEEE Access
VL - 13
AU - Polónio, J.
AU - Moura, J.
AU - Marinheiro, R. N.
PY - 2025
SP - 181957-181976
SN - 2169-3536
DO - 10.1109/ACCESS.2025.3622497
UR - https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639
AB - The current manuscript investigates a comprehensive security framework designed to proactively detect, classify, prioritize, and mitigate high-risk cybersecurity vulnerabilities in networked systems controlled by software-defined networking (SDN). While available literature explores various approaches, it lacks solutions that aggregate in a logically centralized and automated ways the previous referred capabilities. Orchestrating efficiently all these capabilities is crucial to continuously ensure the reliable operation of high-complexity networked systems. This article integrates in a novel way SDN with the Security Orchestration, Automation, and Response (SOAR) paradigm to automatically identify and address security vulnerabilities in network devices before they can be exploited. The proposed open-source framework leverages standardized risk indicators to rank discovered vulnerabilities and apply the most suitable mitigation strategies to mitigate the vulnerabilities with the highest risk of being explored against the system normal operation. The paper framework enhances the reactive security capabilities offered by legacy network devices such as Firewalls and Intrusion Detection Systems (IDSs). The paper details the design, implementation, and evaluation of the framework, validated through both emulation and hardware-based tests. The results confirm that the solution is effective in identifying and mitigating vulnerabilities across diverse devices. Analyzing the results obtained from scalability tests, as the number of scanned devices exceeds a certain threshold, CPU usage increases significantly, while memory and communication resources remain underutilized. In addition, after identifying high-risk device vulnerabilities, the framework automatically applies mitigation measures, timely protecting the system normal operation. Future work may improve the capabilities of the framework by using artificial intelligence for more efficient device vulnerability discovery, context-aware security risk evaluation, and better-aligned mitigation actions targeting identified high-risk security vulnerabilities.
ER -