Open Access iconOpen Access

ARTICLE

crossmark

Selecting Best Software Vulnerability Scanner Using Intuitionistic Fuzzy Set TOPSIS

Navneet Bhatt1, Jasmine Kaur2, Adarsh Anand2, Omar H. Alhazmi3,*

1 Anil Surendra Modi School of Commerce, Narsee Monjee Institute of Management Studies, Deemed to be University, Mumbai, 400056, India
2 Department of Operational Research, Faculty of Mathematical Sciences, University of Delhi, Delhi, 110007, India
3 Department of Computer Science, Taibah University, Medina, 30001, Saudi Arabia

* Corresponding Author: Omar H. Alhazmi. Email: email

Computers, Materials & Continua 2022, 72(2), 3613-3629. https://doi.org/10.32604/cmc.2022.026554

Abstract

Software developers endeavor to build their products with the least number of bugs. Despite this, many vulnerabilities are detected in software that threatens its integrity. Various automated software i.e., vulnerability scanners, are available in the market which helps detect and manage vulnerabilities in a computer, application, or a network. Hence, the choice of an appropriate vulnerability scanner is crucial to ensure efficient vulnerability management. The current work serves a dual purpose, first, to identify the key factors which affect the vulnerability discovery process in a network. The second, is to rank the popular vulnerability scanners based on the identified attributes. This will aid the firm in determining the best scanner for them considering multiple aspects. The multi-criterion decision making based ranking approach has been discussed using the Intuitionistic Fuzzy set (IFS) and Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) to rank the various scanners. Using IFS TOPSIS, the opinion of a whole group could be simultaneously considered in the vulnerability scanner selection. In this study, five popular vulnerability scanners, namely, Nessus, Fsecure Radar, Greenbone, Qualys, and Nexpose have been considered. The inputs of industry specialists i.e., people who deal in software security and vulnerability management process have been taken for the ranking process. Using the proposed methodology, a hierarchical classification of the various vulnerability scanners could be achieved. The clear enumeration of the steps allows for easy adaptability of the model to varied situations. This study will help product developers become aware of the needs of the market and design better scanners. And from the user's point of view, it will help the system administrators in deciding which scanner to deploy depending on the company's needs and preferences. The current work is the first to use a Multi Criterion Group Decision Making technique in vulnerability scanner selection.

Keywords


Cite This Article

APA Style
Bhatt, N., Kaur, J., Anand, A., Alhazmi, O.H. (2022). Selecting best software vulnerability scanner using intuitionistic fuzzy set TOPSIS. Computers, Materials & Continua, 72(2), 3613-3629. https://doi.org/10.32604/cmc.2022.026554
Vancouver Style
Bhatt N, Kaur J, Anand A, Alhazmi OH. Selecting best software vulnerability scanner using intuitionistic fuzzy set TOPSIS. Comput Mater Contin. 2022;72(2):3613-3629 https://doi.org/10.32604/cmc.2022.026554
IEEE Style
N. Bhatt, J. Kaur, A. Anand, and O.H. Alhazmi "Selecting Best Software Vulnerability Scanner Using Intuitionistic Fuzzy Set TOPSIS," Comput. Mater. Contin., vol. 72, no. 2, pp. 3613-3629. 2022. https://doi.org/10.32604/cmc.2022.026554



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1294

    View

  • 652

    Download

  • 0

    Like

Share Link