|Title:||Automated Implementation of Windows-related Security-Configuration Guides|
|Authors:||Patrick Stöckle, Dr. Bernd Grobauer, and Prof. Dr. Alexander Pretschner|
|Conference:||IEEE/ACM Automated Software Engineering (ASE)|
Security-configuration guides describe how we should configure our system, e.g., Windows 10, to make it more secure. The problem is that administrators have to implement them manually based on the instruction texts. In this work, we present an approach that uses natural language processing to implement Windows-related security-configuration guides automatically. Furthermore, we demonstrate that our proof of concept implements 83% of a guide’s rules with no manual effort and 97% of over 2000 rules correctly. Conclusively, we hope that our work will lead to fewer incidents related to insecure configured systems.
Read the publication here: doi.org/10.1145/3324884.3416540 (Available as of the end of October)
A recording of the presentation will also be available as of the end of October.