Dynamic Risk Assessment System for the Vulnerability Scoring

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

KERAMATI MARJAN

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: INTERNATIONAL JOURNAL OF INFORMATION AND COMMUNICATION TECHNOLOGY RESEARCH Year:2017 | Volume:9 | Issue:4 Page(s): 57-68

Download Full-Text

View:

155

Download:

Cites:

Information Journal Paper

Title

Dynamic Risk Assessment System for the Vulnerability Scoring

Author(s)

KERAMATI MARJAN | Issue Writer Certificate

Keywords

CVSS

Risk

Vulnerability

Impact

Network Hardening

Security Metric

exploit

patch

Abstract

One of the key factors that endangers network security is software vulnerabilities. So, increasing growth of Vulnerability emergence is a critical challenge in security management. Also, organizations constantly encounter the limited budget problem. Therefore, to do Network Hardening in a cost-benefit manner, quantitative Vulnerability assessment for finding the most critical vulnerabilities is a vital issue. The most prominent Vulnerability scoring systems is CVSS (Common Vulnerability Scoring System) that ranks vulnerabilities based on their intrinsic characteristics. But in CVSS, Temporal features or the effect of existing patches and exploit tools in Risk estimation of vulnerabilities are ignored. So, CVSS scores are not accurate. Another deficiency with CVSS that limits its application in real networks is that, in CVSS, only a small set of scores is used for discriminating between numerous numbers of vulnerabilities. To improve the difficulties with existing scoring systems, here some Security Metrics are defined that rank vulnerabilities by considering their temporal features beside their intrinsic ones. Also, by the aim of improving scores diversity in CVSS, a new method is proposed for Impact estimation of Vulnerability exploitation on security parameters of the network. Performing Risk assessment by considering the type of the attacker which endangers the network security most is another novelty of this paper.

Cites

No record.

References

No record.

Cite

APA: Copy

KERAMATI, MARJAN. (2017). Dynamic Risk Assessment System for the Vulnerability Scoring. INTERNATIONAL JOURNAL OF INFORMATION AND COMMUNICATION TECHNOLOGY RESEARCH, 9(4), 57-68. SID. https://sid.ir/paper/315174/en

Vancouver: Copy

KERAMATI MARJAN. Dynamic Risk Assessment System for the Vulnerability Scoring. INTERNATIONAL JOURNAL OF INFORMATION AND COMMUNICATION TECHNOLOGY RESEARCH[Internet]. 2017;9(4):57-68. Available from: https://sid.ir/paper/315174/en

IEEE: Copy

MARJAN KERAMATI, “Dynamic Risk Assessment System for the Vulnerability Scoring,” INTERNATIONAL JOURNAL OF INFORMATION AND COMMUNICATION TECHNOLOGY RESEARCH, vol. 9, no. 4, pp. 57–68, 2017, [Online]. Available: https://sid.ir/paper/315174/en

Related Journal Papers

No record.

Related Seminar Papers

No record.

Related Plans

No record.

Recommended Workshops