Title :
Estimate the influential level of vulnerability instance based on hybrid ranking for dynamic network attacking scenarios
Author :
Huang, Heqing ; Zhao, Feng ; Ye, Min
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan, China
Abstract :
Because of the large scale and wide variety of vulnerabilities under network scenarios, administrator using isolated scoring method for the scanned vulnerability can hardly figure out an economic and practical vulnerability patching strategy from numerous choices, due to the lack of consideration on the dynamic status and logic relations among exploits. In this paper, we estimated the influential level of vulnerabilities under the dynamic network scenario through a “hybrid” ranking approach, which is a combination of the low-level rating for vulnerability instances and high-level evaluation for the whole network system. To demonstrate both the applicability and accuracy of our approach, a hybrid ranking engine (HRE) is built. Results show that our approach can help make better operations to harden the network security under network scenarios.
Keywords :
rendering (computer graphics); security of data; HRE; dynamic network attacking scenarios; hybrid ranking engine; influential level estimation; vulnerability instance; Educational institutions; Attack Scenarios; CVSS; Graph Ranking;
Conference_Titel :
Information Sciences Signal Processing and their Applications (ISSPA), 2010 10th International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4244-7165-2
DOI :
10.1109/ISSPA.2010.5605434
