Abstract

Vulnerability technology is the basis of network security technology. Vulnerability quantitative grading methods, such as CVSS, WIVSS, ICVSS, provide a reference for vulnerability management, but current methods ignore the risk elevation caused by a group of vulnerabilities and evaluate the exploitable level with low accuracy. To solve these problems in current network security quantitative evaluation methods, this paper verifies the high degree of relevance between the type and the exploitable score of a vulnerability and proposes a new vulnerability quantitative grading method, ICVSS. ICVSS can explore attack paths using a continuity level defined by privilege, adds vulnerability type to the measurement indexes of the exploitable metrics, and uses the Analytic Hierarchy Process (AHP) to quantify the influence of vulnerability type on the exploitable level. Compared with CVSS and WIVSS, ICVSS is proved to discover attack paths consisting of a sequence of vulnerabilities for network security situation evaluation, and to have greater accuracy and stability.

Details

Title: ICVSS: A New Method for Vulnerability Quantitative Grading
Author: Tan, Tiantian; Wang, Baosheng; Tang, Yong; Zhou, Xu; Han, Jingwen
Pages: 629-641
Section: ARTICLE
Publication year: 2019
Publication date: 2019
Publisher: Tech Science Press
ISSN: 1546-2218
e-ISSN: 1546-2226
Source type: Scholarly Journal
Language of publication: English
ProQuest document ID: 2396003854
Copyright: © 2019. This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.