Title :
Fuzzy Heuristic Design for Diagnosis of Web-Based Vulnerabilities
Author :
Subramanian, Deepak ; Le, Ha Thanh ; Loh, Peter Kok Keong
Author_Institution :
Sch. of Comput. Eng., Nanyang Technol. Univ., Singapore
Abstract :
The common vulnerability scoring system (CVSS) provides an open, standardized method for rating vulnerabilities. CVSS provides base-level metrics for vulnerability classification that can be used with other strategies such as intrusion detection classification to form a complete diagnostic system. This emphasizes focus on defining and representing the various strategies that can be employed to provide a formal and more practical approach to vulnerabilities assessment. The various parameters that are defined have been derived from a set of five assertions and the initial fuzzy scanner metrics (the pre-defined scanner parameters). The fuzziness of the scanner metrics allows for a greater manipulation of results before a complete diagnosis can be presented. The confidence reports (1st and 2nd degree) could be used to provide information aiding the initiation of suitable steps to be taken.
Keywords :
Internet; fuzzy set theory; Web-based vulnerability; base-level metrics; common vulnerability scoring system; fuzzy heuristic design; fuzzy scanner metrics; Application software; Computerized monitoring; Databases; Design engineering; Fuzzy sets; Fuzzy systems; Internet; Intrusion detection; Protection; Standardization;
Conference_Titel :
Internet Monitoring and Protection, 2009. ICIMP '09. Fourth International Conference on
Conference_Location :
Venice/Mestre
Print_ISBN :
978-1-4244-3839-6
Electronic_ISBN :
978-0-7695-3612-5
DOI :
10.1109/ICIMP.2009.25