Analytical attack modeling and security assessment based on the common vulnerability scoring system

2017 ◽  
Author(s):  
Elena Doynikova ◽  
Andrey Chechulin ◽  
Igor Kotenko
Keyword(s):  
Scoring System ◽  
Security Assessment ◽  
Attack Modeling ◽  
The Common

A Generation Method of Network Security Hardening Strategy Based on Attack Graphs

2015 ◽  
Vol 12 (1) ◽  
pp. 45-61 ◽  
Author(s):  
Chao Zhao ◽  
Huiqiang Wang ◽  
Junyu Lin ◽  
Hongwu Lv ◽  
Yushu Zhang
Keyword(s):  
Network Security ◽  
Heuristic Algorithm ◽  
Scoring System ◽  
Time Complexity ◽  
Path Length ◽  
Low Cost ◽  
Attack Graphs ◽  
Running Time ◽  
Security Hardening ◽  
The Common

Analyzing attack graphs can provide network security hardening strategies for administrators. Concerning the problems of high time complexity and costly hardening strategies in previous methods, a method for generating low cost network security hardening strategies is proposed based on attack graphs. The authors' method assesses risks of attack paths according to path length and the common vulnerability scoring system, limits search scope with a threshold to reduce the time complexity, and lowers cost of hardening strategies by using a heuristic algorithm. The experimental results show that the authors' method has good scalability, and significantly reduces cost of network security hardening strategies with reasonable running time.

Improving the Common Vulnerability Scoring System

2007 ◽  
Vol 1 (3) ◽  
pp. 119 ◽  
Author(s):  
P. Mell ◽  
K. Scarfone
Keyword(s):  
Scoring System ◽  
The Common

scholarly journals Effectiveness of clinical abdominal scoring system in the management of patients with blunt trauma abdomen

2021 ◽  
Vol 8 (4) ◽  
pp. 1175
Author(s):  
Dharmendra Kumar ◽  
Mohan Kumar K.
Keyword(s):  
Blunt Trauma ◽  
Scoring System ◽  
Motor Vehicle ◽  
Total Mortality ◽  
Emergency Laparotomy ◽  
Solid Organ ◽  
Radiological Investigation ◽  
Mortality And Morbidity ◽  
Common Causes ◽  
The Common

Background: Abdominal injury being the most common cause of mortality and morbidity, its incidence comes after extremities and head injury. Early diagnosis and treatment can reduce mortality by upto 50%. The common causes for blunt trauma abdomen include motor vehicle crashes, direct trauma and fall from heights. Objectives of the current investigation were to score the patients with BTA with clinical abdominal scoring system and to compare the score of CASS with USG/CT abdomen and pelvis findings in patients of BTA. Methods: All patients who are suspected to have BTA were scored using CASS and radiological investigations were done in the ED. The decision to proceed with the surgery would be done if the patient had CASS >12 and/or if the radiological investigation shows features of BTA like air under diaphragm or grade IV/V solid organ injury.Results: Males accounts for 81% of cases and the rest being females. Most common mode of injury was found to be RTA. Most common injured organs are spleen >liver >small intestine (ileum). The CASS has specificity of 84.62%, sensitivity of 99.2%, PPV 33.3%, NPV 100%. Total mortality in the study was 7.1%Conclusions: Patients with CASS of <8 can be managed conservatively. Patient with score >12 or hemodynamically unstable can be taken up for emergency laparotomy without any delay. Patients with CASS between 9 and 11, with good clinical assessment aided with radiological investigations can be managed depending upon the severity of the injury.

scholarly journals A Security and Privacy Scoring System for Contact Tracing Apps

2021 ◽  
Vol 1 (4) ◽  
pp. 597-614
Author(s):  
Leah Krehling ◽  
Aleksander Essex
Keyword(s):  
Scoring System ◽  
Security And Privacy ◽  
Contact Tracing ◽  
Main Function ◽  
Privacy And Security ◽  
High Ranking ◽  
Attack Modeling ◽  
Informed Decisions ◽  
Natural Way

Contact tracing applications have flooded the marketplace, as governments worldwide have been working to release apps for their citizens. These apps use a variety of protocols to perform contact tracing, resulting in widely differing security and privacy assurances. Governments and users have been left without a standard metric to weigh these protocols and compare their assurances to know which are more private and secure. Although there are many ways to approach a quantitative metric for privacy and security, one natural way is to draw on the methodology used by the well-known common vulnerability scoring system (CVSS). For privacy, we applied consensus principles for contract tracing as a basis for comparing their relative privacy practices. For security, we performed attack modeling to develop a rubric to compare the security of respective apps. Our analysis shows that centralized Bluetooth with added location functionality has low privacy and security, while non-streaming GPS scored high in security and medium in privacy. Based on our methodology, only two apps were given a high ranking of privacy: Canada’s Covid Alert and Germany’s Corona Warn-App. They both used the Google/Apple Notification Framework as the basis for their design. To achieve comparable privacy, we recommend that future projects follow their examples in the following ways: minimizing the amount of data they collect and holding it for the shortest possible length of time; only having features necessary for the app’s main function; and releasing design details so that users can make informed decisions.

scholarly journals The common configuration scoring system (CCSS) :

2010 ◽  
Author(s):  
Karen Scarfone ◽  
Peter Mell
Keyword(s):  
Scoring System ◽  
The Common

scholarly journals The Common Misuse Scoring System (CMSS): Metrics for Software Feature Misuse Vulnerabilities

2012 ◽  
Author(s):  
Elizabeth LeMay ◽  
Karen Scarfone ◽  
Peter Mell
Keyword(s):  
Scoring System ◽  
The Common

An expert-based investigation of the Common Vulnerability Scoring System

2015 ◽  
Vol 53 ◽  
pp. 18-30 ◽  
Author(s):  
Hannes Holm ◽  
Khalid Khan Afridi
Keyword(s):  
Scoring System ◽  
The Common

scholarly journals CVSS: Ubiquitous and Broken

2021 ◽  
Author(s):  
Henry Howland
Keyword(s):  
Information Systems ◽  
Scoring System ◽  
Sensitive Information ◽  
The Core ◽  
Vulnerability Management ◽  
In The Wild ◽  
The Common ◽  
Private Corporations ◽  
Specification Document

The Common Vulnerability Scoring System is at the core of vulnerability management for systems of private corporations to highly classified government networks, allowing organizations to prioritize remediation in descending order of risk. With a lack of justification for its underlying formula, inconsistencies in its specification document, and no correlation to exploited vulnerabilities in the wild, it is unable to provide a meaningful metric for describing a vulnerability's severity, let alone risk. As it stands, this standard compromises the security of America?s most sensitive information systems.

Sign in / Sign up

Export Citation Format

Share Document