Abstract
Currently, because of the exponential growth of vulnerabilities, one of the most essential requirements for IT managers is to improve network security by eliminating vulnerabilities that are most hazardous. Achieving this goal requires ranking vulnerabilities based on their peril to the network. Today, this target has become possible by introducing open standards such as Common Vulnerability Scoring System (CVSS) for ranking vulnerabilities. But, CVSS suffers from basic and serious problems that limits use of it for efficient vulnerability scoring. One constraint is its limited diversity of scores that a small set of discrete values are used for ranking large amount of vulnerabilities. Another challenge is that, CVSS does not score features of the vulnerability that change over time such as availability of exploit tools. By considering these limitations, in this paper a Vulnerability Scoring System has developed that assess the risk of each known vulnerability based on its intrinsic and temporal features. Also, in this paper a novel method is proposed for the Impact estimation of vulnerability exploiting that improves the diversity of risk scores considerably.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
