Table of Content

Open Access iconOpen Access

ARTICLE

ICVSS: A New Method for Vulnerability Quantitative Grading

by Tiantian Tan1, Baosheng Wang1, Yong Tang1, Xu Zhou1, Jingwen Han2

National University of Defense Technology, Deya Village, Changsha, China.
University of British Columbia, Vancouver, Canada.

*Corresponding Author: Tiantian Tan. Email: email.

Computers, Materials & Continua 2019, 61(2), 629-641. https://doi.org/10.32604/cmc.2019.06049

Abstract

Vulnerability technology is the basic of network security technology, vulnerability quantitative grading methods, such as CVSS, WIVSS, ICVSS, provide a reference to vulnerability management, but the problems of ignoring the risk elevation caused by a group of vulnerabilities and low accuracy of exploitable level evaluation exist in current vulnerability quantitative grading methods. To solve problems above in current network security quantitative evaluation methods, this paper verified the high relevance degree between type and exploitable score of vulnerability, proposed a new vulnerability quantitative grading method ICVSS, ICVSS can explore attack path using continuity level defined by privilege, add vulnerability type to measure indexes of exploitable metrics and use Analytic Hierarchy Process (AHP) to quantify the influence of vulnerability type on exploitable level. Compared with CVSS and WIVSS, ICVSS is proved that it can discover attack path consist of a sequence of vulnerabilities for network security situation evaluation, and has more accuracy and stability.

Keywords


Cite This Article

APA Style
Tan, T., Wang, B., Tang, Y., Zhou, X., Han, J. (2019). ICVSS: A new method for vulnerability quantitative grading. Computers, Materials & Continua, 61(2), 629-641. https://doi.org/10.32604/cmc.2019.06049
Vancouver Style
Tan T, Wang B, Tang Y, Zhou X, Han J. ICVSS: A new method for vulnerability quantitative grading. Comput Mater Contin. 2019;61(2):629-641 https://doi.org/10.32604/cmc.2019.06049
IEEE Style
T. Tan, B. Wang, Y. Tang, X. Zhou, and J. Han, “ICVSS: A New Method for Vulnerability Quantitative Grading,” Comput. Mater. Contin., vol. 61, no. 2, pp. 629-641, 2019. https://doi.org/10.32604/cmc.2019.06049



cc Copyright © 2019 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2009

    View

  • 1549

    Download

  • 0

    Like

Related articles

Share Link