Improving CVSS-based vulnerability prioritization and response with context information

Frühwirth, Christian; Männistö, Tomi

doi:10.1109/esem.2009.5314230

Cited by 83 publications

(37 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Dispersion [2] includes the distinguishing degree and the distribution of the results assessed. There are a lot of researches on the objectivity of CVSS [3][4][5][6]. However, there are few researches on the dispersion.…”

Section: Dear Editormentioning

confidence: 99%

See 1 more Smart Citation

A revised CVSS-based system to improve the dispersion of vulnerability risk scores

Wen

Zhang

2018

Sci. China Inf. Sci.

View full text Add to dashboard Cite

Section: Dear Editormentioning

confidence: 99%

“…Calculate risk score. Put values of impact and exploitability into (1) and (4) to calculate a risk score. Both CVSS and CVSS PCA performs this step.…”

Section: Dear Editormentioning

confidence: 99%

A revised CVSS-based system to improve the dispersion of vulnerability risk scores

Wen

Zhang

2018

Sci. China Inf. Sci.

View full text Add to dashboard Cite

“…w = [w 1, w 2, w 3 ] denotes different requirements for different security attributes. In practice [19], 85% interviewees hold the viewpoint that the availability is the most important security attribute; 62% interviewees believe that integrity is the security attribute with minimal impact. That is to say, in terms of their importance, the priorities are availability first, then confidentiality, and then integrity.…”

Section: Impact Analysismentioning

confidence: 99%

Quantitative threat situation assessment based on alert verification

Yun

Hao

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

Traditional network threat situational assessment is based on raw alerts, not combined with contextual information, which influences the accuracy of assessment. In this paper, we propose a method to quantitatively assess network threat situation based on not only alerts but also contextual information. It firstly verifies alerts by matching alerts with contextual information to determine the successful probability of attacks, then analyzes the impact caused by attacks according to the severity and the corresponding asset value of them, and finally quantitatively assesses network threat situation based on the successful probability and the impact of attacks. Case studies show that the method can assess network threat situations more reasonably.

show abstract

“…The main problem of CVSS is that it is difficult to apply it. Because the number of vulnerabilities is on a sharp increase, determining the values of metrics manually is time-consuming and subjective [37]. Furthermore, the metric values may not be obtained due to the lack of information about vulnerabilities sometimes.…”

Section: Automatic Security Vulnerability Assessment Frameworkmentioning

confidence: 99%

A Novel Automatic Severity Vulnerability Assessment Framework

Wen¹,

Zhang²,

Dong³

et al. 2015

JCM

View full text Add to dashboard Cite

Abstract-Security vulnerabilities play an important role in network security. With the development of the network and the increasing number of vulnerabilities, many Quantitative Vulnerability Assessment Standards (QVAS) was proposed in order to enable professionals to prioritize the most important vulnerabilities with limited energy. However, it is difficult to apply QVAS manually due to the large number of vulnerabilities and lack of information. In order to address these problems, an Automatic Security Vulnerability Assessment Framework (ASVA) is proposed, which can automatically apply any QVAS to special Vulnerability Databases. ASVA obtain values of the metrics of a QVAS with new features of Text Mining; assign these values to a formula of QVAS and finally compute the severity values of the vulnerabilities. New features proposed in ASVA are special combinations of metrics of QVAS, so that consider the influence of metrics each other and improve the accuracy of Text Mining. Based on ASVA, CVSS as a QVAS is applied to three representative Vulnerability Databases. The results show that ASVA reduces the cost and period of the application of QVAS and promotes the standardization of security vulnerability management.

show abstract

Improving CVSS-based vulnerability prioritization and response with context information

Cited by 83 publications

References 22 publications

A revised CVSS-based system to improve the dispersion of vulnerability risk scores

A revised CVSS-based system to improve the dispersion of vulnerability risk scores

Quantitative threat situation assessment based on alert verification

A Novel Automatic Severity Vulnerability Assessment Framework

Contact Info

Product

Resources

About