Control charting methods for autocorrelated cyber vulnerability data

Anthony Afful-Dadzie; Theodore T. Allen

doi:10.1080/08982112.2015.1125926

Control charting methods for autocorrelated cyber vulnerability data

Anthony Afful-Dadzie, Theodore T. Allen

Research output: Contribution to journal › Article › peer-review

11 Citations (Scopus)

Abstract

Control charting cyber vulnerabilities is challenging because the same vulnerabilities can remain from period to period. Also, hosts (personal computers, servers, printers, etc.) are often scanned infrequently and can be unavailable during scanning. To address these challenges, control charting of the period-to-period demerits per host using a hybrid moving centerline residual-based and adjusted demerit (MCRAD) chart is proposed. The intent is to direct limited administrator resources to unusual cases when automatic patching is insufficient. The proposed chart is shown to offer superior average run length performance compared with three alternative methods from the literature. The methods are illustrated using three datasets.

Original language	English
Pages (from-to)	313-328
Number of pages	16
Journal	Quality Engineering
Volume	28
Issue number	3
DOIs	https://doi.org/10.1080/08982112.2015.1125926
Publication status	Published - 2 Jul 2016
Externally published	Yes

Keywords

EWMA control charts
autocorrelation
average run length (ARL)
control charts
statistical control

Access to Document

10.1080/08982112.2015.1125926

Cite this

@article{17e4e279563c44abb158b580fb847c49,

title = "Control charting methods for autocorrelated cyber vulnerability data",

abstract = "Control charting cyber vulnerabilities is challenging because the same vulnerabilities can remain from period to period. Also, hosts (personal computers, servers, printers, etc.) are often scanned infrequently and can be unavailable during scanning. To address these challenges, control charting of the period-to-period demerits per host using a hybrid moving centerline residual-based and adjusted demerit (MCRAD) chart is proposed. The intent is to direct limited administrator resources to unusual cases when automatic patching is insufficient. The proposed chart is shown to offer superior average run length performance compared with three alternative methods from the literature. The methods are illustrated using three datasets.",

keywords = "EWMA control charts, autocorrelation, average run length (ARL), control charts, statistical control",

author = "Anthony Afful-Dadzie and Allen, {Theodore T.}",

note = "Publisher Copyright: {\textcopyright} 2016, {\textcopyright} Taylor & Francis.",

year = "2016",

month = jul,

day = "2",

doi = "10.1080/08982112.2015.1125926",

language = "English",

volume = "28",

pages = "313--328",

journal = "Quality Engineering",

issn = "0898-2112",

publisher = "Taylor and Francis Ltd.",

number = "3",

}

TY - JOUR

T1 - Control charting methods for autocorrelated cyber vulnerability data

AU - Afful-Dadzie, Anthony

AU - Allen, Theodore T.

PY - 2016/7/2

Y1 - 2016/7/2

N2 - Control charting cyber vulnerabilities is challenging because the same vulnerabilities can remain from period to period. Also, hosts (personal computers, servers, printers, etc.) are often scanned infrequently and can be unavailable during scanning. To address these challenges, control charting of the period-to-period demerits per host using a hybrid moving centerline residual-based and adjusted demerit (MCRAD) chart is proposed. The intent is to direct limited administrator resources to unusual cases when automatic patching is insufficient. The proposed chart is shown to offer superior average run length performance compared with three alternative methods from the literature. The methods are illustrated using three datasets.

AB - Control charting cyber vulnerabilities is challenging because the same vulnerabilities can remain from period to period. Also, hosts (personal computers, servers, printers, etc.) are often scanned infrequently and can be unavailable during scanning. To address these challenges, control charting of the period-to-period demerits per host using a hybrid moving centerline residual-based and adjusted demerit (MCRAD) chart is proposed. The intent is to direct limited administrator resources to unusual cases when automatic patching is insufficient. The proposed chart is shown to offer superior average run length performance compared with three alternative methods from the literature. The methods are illustrated using three datasets.

KW - EWMA control charts

KW - autocorrelation

KW - average run length (ARL)

KW - control charts

KW - statistical control

UR - http://www.scopus.com/inward/record.url?scp=84962091533&partnerID=8YFLogxK

U2 - 10.1080/08982112.2015.1125926

DO - 10.1080/08982112.2015.1125926

M3 - Article

AN - SCOPUS:84962091533

SN - 0898-2112

VL - 28

SP - 313

EP - 328

JO - Quality Engineering

JF - Quality Engineering

IS - 3

ER -

Control charting methods for autocorrelated cyber vulnerability data

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this