Table of Content

Open Access iconOpen Access

ARTICLE

A Method for Vulnerability Database Quantitative Evaluation

Tiantian Tan1,*, Baosheng Wang1, Yong Tang1, Xu Zhou1, Jingwen Han2

1 National University of Defense Technology, Deya village, Changsha, China.
2 University of British Columbia, Vancouver, Canada.
* Corresponding Author: Tiantian Tan. Email: happinesschild@126.com.

Computers, Materials & Continua 2019, 61(3), 1129-1144. https://doi.org/10.32604/cmc.2019.06051

Abstract

During system development, implementation and operation, vulnerability database technique is necessary to system security; there are many vulnerability databases but a lack of quality standardization and general evaluation method are needed. this paper summarized current international popular vulnerability databases, systematically introduced the present situation of current vulnerability databases, and found the problems of vulnerability database technology, extracted common metrics by analyzing vulnerability data of current popular vulnerability databases, introduced 4 measure indexes: the number scale of vulnerabilities, the independence level, the standardization degree and the integrity of vulnerability description, proposed a method for vulnerability database quantitative evaluation using SCAP protocol and corresponding standard, analyzed a large number of vulnerabilities in current popular vulnerability database, quantitative evaluated vulnerability database by the law of normal distribution, the experimental results show this method has strong versatility and science, and it is beneficial to improve the quality and standardization construction for vulnerability database development.

Keywords


Cite This Article

T. Tan, B. Wang, Y. Tang, X. Zhou and J. Han, "A method for vulnerability database quantitative evaluation," Computers, Materials & Continua, vol. 61, no.3, pp. 1129–1144, 2019.

Citations




cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2466

    View

  • 1747

    Download

  • 0

    Like

Related articles

Share Link