Iranian Journal of Information Processing & Management (Oct 2014)

A computational method based on CVSS for quantifying the vulnerabilities in computer network

  • Shahriyar Mohammadi,
  • Mohammad Hossein Sherkat,
  • Mona Jami pour

Journal volume & issue
Vol. 29, no. 4
pp. 1107 – 1145

Abstract

Read online

Network vulnerability taxonomy has become increasingly important in the area of information and data exchange not only for its potential use in identification of vulnerabilities but also in their assessment and prioritization. Computer networks play an important role in information and communication infrastructure. However, they are constantly exposed to a variety of vulnerability risks. In their attempts to create secure information exchange systems, scientists have concentrated on understanding the nature and typology of these vulnerabilities. Their efforts aimed at establishing secure networks have led to the development of a variety of methods and techniques for quantifying vulnerability. The objective of the present paper is developing a method based on the second edition of common vulnerability scoring system (CVSS) for the quantification of Computer Network vulnerabilities. It is expected that the proposed model will help in the identification and effective management of vulnerabilities by their quantification.

Keywords