loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Olutola Adebiyi and Massimiliano Albanese

Affiliation: Center for Secure Information Systems, George Mason University, Fairfax, U.S.A.

Keyword(s): Vulnerability Scanning, Security Metrics, Software Weaknesses.

Abstract: As the number and severity of security incidents continue to increase, remediating vulnerabilities and weaknesses has become a daunting task due to the sheer number of known vulnerabilities. Different scoring systems have been developed to provide qualitative and quantitative assessments of the severity of common vulnerabilities and weaknesses, and guide the prioritization of vulnerability remediation. However, these scoring systems provide only generic rankings of common weaknesses, which do not consider the specific vulnerabilities that exist in each system. To address this limitation, and building on recent principled approaches to vulnerability scoring, we propose new common weakness scoring metrics that consider the findings of vulnerability scanners, including the number of instances of each vulnerability across a system, and enable system-specific rankings that can provide actionable intelligence to security administrators. We built a small testbed to evaluate the proposed met rics against an existing metric, and show that the results are consistent with our intuition. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.227.102.88

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Adebiyi, O. and Albanese, M. (2023). Towards Usable Scoring of Common Weaknesses. In Proceedings of the 20th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-666-8; ISSN 2184-7711, SciTePress, pages 183-191. DOI: 10.5220/0012090900003555

@conference{secrypt23,
author={Olutola Adebiyi and Massimiliano Albanese},
title={Towards Usable Scoring of Common Weaknesses},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - SECRYPT},
year={2023},
pages={183-191},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012090900003555},
isbn={978-989-758-666-8},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - SECRYPT
TI - Towards Usable Scoring of Common Weaknesses
SN - 978-989-758-666-8
IS - 2184-7711
AU - Adebiyi, O.
AU - Albanese, M.
PY - 2023
SP - 183
EP - 191
DO - 10.5220/0012090900003555
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic