IEICE Technical Committee Submission System
Conference Paper's Information
Online Proceedings
[Sign in]
... (for ESS/CS/ES/ISS)
Tech. Rep. Archives
... (for ES/CS)
 Go Top Page Go Previous   [Japanese] / [English] 

Paper Abstract and Keywords
Presentation 2013-11-29 13:30
The proposal on a vulnerability evaluation method according to information system environment
Naoki Kamegai, Naoshi Sato (IISEC) ISEC2013-69 LOIS2013-35
Abstract (in Japanese) (See Japanese page) 
(in English) It is essential to perform a vulnerability assessment to avoid for the security incident of own system because a lot of security incidents have been reported recently. In case of evaluating the vulnerability impact according to the environment of information system, an evaluation standard of the CVSS (common vulnerability assessment system) which is defined often used in any cases as a general technique by companies and organizations. CVSS uses base metrics and temporal base metrics, environment metrics. If the vulnerability assessment is performed about the environment of information system in the CVSS, an environment assessment standard must be used. However, there is a possibility to get different results depending on an evaluator because of subjective component in it. We therefore define how to objectively lead an evaluation value by using the result(successful attacks time) of vulnerability assessment tools and proposal.
Keyword (in Japanese) (See Japanese page) 
(in English) CVSS(Common Vulnerability Scoring System) / Objective assessment / measured value / Vulnerability testing tools / / / /  
Reference Info. IEICE Tech. Rep., vol. 113, no. 326, ISEC2013-69, pp. 65-70, Nov. 2013.
Paper # ISEC2013-69 
Date of Issue 2013-11-21 (ISEC, LOIS) 
ISSN Print edition: ISSN 0913-5685  Online edition: ISSN 2432-6380
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (No. 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034)
Download PDF ISEC2013-69 LOIS2013-35

Conference Information
Committee ISEC LOIS  
Conference Date 2013-11-28 - 2013-11-29 
Place (in Japanese) (See Japanese page) 
Place (in English) Tohoku Univ. 
Topics (in Japanese) (See Japanese page) 
Topics (in English)  
Paper Information
Registration To ISEC 
Conference Code 2013-11-ISEC-LOIS 
Language Japanese 
Title (in Japanese) (See Japanese page) 
Sub Title (in Japanese) (See Japanese page) 
Title (in English) The proposal on a vulnerability evaluation method according to information system environment 
Sub Title (in English)  
Keyword(1) CVSS(Common Vulnerability Scoring System)  
Keyword(2) Objective assessment  
Keyword(3) measured value  
Keyword(4) Vulnerability testing tools  
1st Author's Name Naoki Kamegai  
1st Author's Affiliation Institute of Information Security (IISEC)
2nd Author's Name Naoshi Sato  
2nd Author's Affiliation Institute of Information Security (IISEC)
3rd Author's Name  
3rd Author's Affiliation ()
4th Author's Name  
4th Author's Affiliation ()
5th Author's Name  
5th Author's Affiliation ()
6th Author's Name  
6th Author's Affiliation ()
7th Author's Name  
7th Author's Affiliation ()
8th Author's Name  
8th Author's Affiliation ()
9th Author's Name  
9th Author's Affiliation ()
10th Author's Name  
10th Author's Affiliation ()
11th Author's Name  
11th Author's Affiliation ()
12th Author's Name  
12th Author's Affiliation ()
13th Author's Name  
13th Author's Affiliation ()
14th Author's Name  
14th Author's Affiliation ()
15th Author's Name  
15th Author's Affiliation ()
16th Author's Name  
16th Author's Affiliation ()
17th Author's Name  
17th Author's Affiliation ()
18th Author's Name  
18th Author's Affiliation ()
19th Author's Name  
19th Author's Affiliation ()
20th Author's Name  
20th Author's Affiliation ()
Date Time 2013-11-29 13:30:00 
Presentation Time 25 
Registration for ISEC 
Paper # IEICE-ISEC2013-69,IEICE-LOIS2013-35 
Volume (vol) IEICE-113 
Number (no) no.326(ISEC), no.327(LOIS) 
Page pp.65-70 
#Pages IEICE-6 
Date of Issue IEICE-ISEC-2013-11-21,IEICE-LOIS-2013-11-21 

[Return to Top Page]

[Return to IEICE Web Page]

The Institute of Electronics, Information and Communication Engineers (IEICE), Japan