We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Analyzing Trends in Vulnerability Classes across CVSS Metrics

by Anshu Tripathi, Umesh Kumar Singh
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 36 - Number 3
Year of Publication: 2011
Authors: Anshu Tripathi, Umesh Kumar Singh
10.5120/4474-6282

Anshu Tripathi, Umesh Kumar Singh . Analyzing Trends in Vulnerability Classes across CVSS Metrics. International Journal of Computer Applications. 36, 3 ( December 2011), 38-44. DOI=10.5120/4474-6282

@article{ 10.5120/4474-6282,
author = { Anshu Tripathi, Umesh Kumar Singh },
title = { Analyzing Trends in Vulnerability Classes across CVSS Metrics },
journal = { International Journal of Computer Applications },
issue_date = { December 2011 },
volume = { 36 },
number = { 3 },
month = { December },
year = { 2011 },
issn = { 0975-8887 },
pages = { 38-44 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume36/number3/4474-6282/ },
doi = { 10.5120/4474-6282 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:22:13.681333+05:30
%A Anshu Tripathi
%A Umesh Kumar Singh
%T Analyzing Trends in Vulnerability Classes across CVSS Metrics
%J International Journal of Computer Applications
%@ 0975-8887
%V 36
%N 3
%P 38-44
%D 2011
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Rising vulnerability statistics demands multidimensional trend analysis for efficient threat mitigation. Understanding trends aids in early detection of problems and also in planning defense mechanisms. In this regard, this paper presents fine-grained trend analysis on classified vulnerability data provided by NVD, across six CVSS base metrics. Such analysis of vulnerability data according to their type, CIA impact, access vector and access complexity helpful in identifying most critical class of vulnerability relative to system environment and improve risk mitigation process.

References
  1. R. Kuhn, H. Rossman and S. Liu, “Introducing Insecure IT”, IT Professional, Jan/Feb 2009, pp. 24-26.
  2. NHS and NIST, National Vulnerability Database (NVD), automating vulnerability management, security Measurement, and compliance checking, http://nvd.nist.gov/scap.cfm , (Accessed on 15-06-2011).
  3. Tim Shimeall and Phil Williams, “Models of Information Security Trend Analysis”, Available at http://www.cert.org/archive/pdf/info-security.pdf.
  4. R. Gopalakrishna, E. Spafford and J. Vitek, “A Trend Analysis of Vulnerabilities”, CERIAS TR 2005-06, 2005.
  5. Tripathi, A. Singh, U.K., “Taxonomic Analysis of Classification Schemes in Vulnerability Databases” (Communicated)
  6. Common Vulnerabilities and Exposures. [Online]. Available:http://cve.mitre.org (Accessed on 15-06-2011)
  7. Common Weakness Enumeration. [Online]. Available: http://cwe.mitre.org (Accessed on 15-06-2011)
  8. Zhongqiang Chen, Yuan Zhang, Zhongrong Chen, “A Categorization Framework for Commom Vulnerabilities and Exposures.” In the computer Journal Advance Access published online on May 7, 2009, http://comjnl.oxfordjournals.org,doilO.1093/comjnl/bxp040
  9. R. Kuhn and Chris Johnson, “Vulnerability Trends: Measuring Progress”, IT Professional, 2010, pp. 51-53.
Index Terms

Computer Science
Information Sciences

Keywords

Vulnerability Trend analysis CVSS metrics CWE NVD

Powered by PhDFocusTM