Title :
An Improved CVSS-based Vulnerability Scoring Mechanism
Author :
Wang, Ruyi ; Gao, Ling ; Sun, Qian ; Sun, Deheng
Author_Institution :
Dept. Comput. Sci. & Technol., Northwest Univ., Xi´´an, China
Abstract :
Through scoring vulnerabilities according to their risks, mastering statuses of vulnerabilities, security managers could adjust the configuration for computer security in time and give repair methods to different vulnerabilities flexibly. Since scoring vulnerabilities is significant for evaluating and repairing vulnerabilities, this paper presents a vulnerability scoring mechanism based on CVSS by analyzing advantages and disadvantages of CVSS and comparing with some improved CVSS-based methods. Our improved scoring mechanism makes the vulnerability evaluating more exactly and effectively, simplifying the process of vulnerability evaluating.
Keywords :
security of data; software performance evaluation; CVSS-based vulnerability scoring mechanism; Common Vulnerability Scoring System; computer security; security manager; vulnerability evaluation; Business; Equations; Maintenance engineering; Mathematical model; Measurement; Security; Servers; CVSS; vulnerability evaluation; vulnerability metrics;
Conference_Titel :
Multimedia Information Networking and Security (MINES), 2011 Third International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4577-1795-6
DOI :
10.1109/MINES.2011.27
