Tiantian Tan1,*, Baosheng Wang1, Yong Tang1, Xu Zhou1, Jingwen Han2
CMC-Computers, Materials & Continua, Vol.61, No.2, pp. 629-641, 2019, DOI:10.32604/cmc.2019.06049
Abstract Vulnerability technology is the basic of network security technology, vulnerability quantitative grading methods, such as CVSS, WIVSS, ICVSS, provide a reference to vulnerability management, but the problems of ignoring the risk elevation caused by a group of vulnerabilities and low accuracy of exploitable level evaluation exist in current vulnerability quantitative grading methods. To solve problems above in current network security quantitative evaluation methods, this paper verified the high relevance degree between type and exploitable score of vulnerability, proposed a new vulnerability quantitative grading method ICVSS, ICVSS can explore attack path using continuity level defined by More >
Login
Register
