Evaluation of security vulnerability severity based on CMAHP
暂无分享,去创建一个
Security vulnerabilities are a main cause of network security. Vulnerability severity assessment gives us the constructive suggestions on the priority of bug fixes, which help reduce the occurrence of the security incidents. To obtain the good assessment results, a method of evaluating vulnerability severity based on cloud model and analytic hierarchy process (CMAHP) was proposed. First, we utilize AHP to establish vulnerability severity multi-level index system. Then, the cloud theory is used to set up the remark set cloud, the scale set cloud and the membership function cloud to respectively confirm the quantification cloud graph of remark set, factor weights and membership fuzzy matrix. Combining with vulnerability ontology value and vulnerability correlation value, we can achieve the evaluation of vulnerability severity. Experiment shows that the method has a better assessment on vulnerability severity results.
[1] Haifeng Li,et al. Automatic classification for vulnerability based on machine learning , 2013, 2013 IEEE International Conference on Information and Automation (ICIA).
[2] Ying Dong,et al. A Novel Automatic Severity Vulnerability Assessment Framework , 2015, J. Commun..
[3] Thomas L. Saaty,et al. DERIVING THE AHP 1-9 SCALE FROM FIRST PRINCIPLES , 2001 .
[4] Zhang Bao-feng. Research on key technology of vulnerability threat classification , 2012 .