کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
456235 695680 2008 13 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Standardising vulnerability categories
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
Standardising vulnerability categories
چکیده انگلیسی

Each vulnerability scanner (VS) represents, identifies and classifies vulnerabilities in its own way, thus making the different scanners difficult to study and compare. Despite numerous efforts by researchers and organisations to solve the disparity in vulnerability names used in the different VSs, vulnerability categories have still not been standardised. This paper highlights the importance of having a standard vulnerability category set. It also outlines an approach towards achieving this goal by generating a standard set of vulnerability categories. A data-clustering algorithm that employs artificial intelligence is used for this purpose. The significance of this research results from having an intelligent technique that aids in the generation of standardised vulnerability categories in a relatively fast way. In addition, the technique is generic in the sense that it allows one to accommodate any VS currently known on the market to create such vulnerability categories. Another benefit is that the approach followed in this paper allows one to also compare various VSs currently available on the market. A prototype is presented to verify the concept.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 27, Issues 3–4, May–June 2008, Pages 71–83
نویسندگان
, , ,