Attackers tend to use similar vulnerabilities when finding their next target IT assets. They also continuously search for new attack targets. Therefore, it is essential to find the potential targets of attackers in advance. Our method proposes a novel...
Attackers tend to use similar vulnerabilities when finding their next target IT assets. They also continuously search for new attack targets. Therefore, it is essential to find the potential targets of attackers in advance. Our method proposes a novel approach for efficient vulnerable asset management and zero-day response. In this paper, we propose the ability to detect the IT assets that are potentially infected by the recently discovered vulnerability based on clustering and similarity results. As the experiment results, 86% of all collected assets are clustered within the same clustering. In addition, as a result of conducting a similarity calculation experiment by randomly selecting vulnerable assets, assets using the same OS and service were listed.