文章基本信息

标题：Stochastic Modelling of Vulnerability Life Cycle and Security Risk Evaluation
本地全文：下载
作者：Sasith M. Rajasooriya ; Chris P. Tsokos ; Pubudu Kalpani Kaluarachchi 等
期刊名称：Journal of Information Security
印刷版ISSN：2153-1234
电子版ISSN：2153-1242
出版年度：2016
卷号：07
期号：04
页码：269-279
DOI：10.4236/jis.2016.74022
语种：English
出版社：Scientific Research Publishing
摘要：The objective of the present study is to propose a risk evaluation statistical model for a given vulnerability by examining the Vulnerability Life Cycle and the CVSS score. Having a better understanding of the behavior of vulnerability with respect to time will give us a great advantage. Such understanding will help us to avoid exploitations and introduce patches for a particular vulnerability before the attacker takes the advantage. Utilizing the proposed model one can identify the risk factor of a specific vulnerability being exploited as a function of time. Measuring of the risk factor of a given vulnerability will also help to improve the security level of software and to make appropriate decisions to patch the vulnerability before an exploitation takes place.
关键词：Stochastic Modelling;Security;Risk Evaluation;Vulnerability Life Cycle;Risk Factor