| Presentation | 2023-03-24 A preliminary study on time-dependency of cyber security vulnerability assessment Takashi Minohara, Naohiro Kubota, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Information system administrators must pay attention to system vulnerability information and take appropriate measures against security attacks on the systems they manage. However, as the number of security vulnerability reports increases, the time required to implement vulnerability remediation also increases, therefore vulnerability risks must be assessed and prioritized. Especially in the early stages of vulnerability discovery, such as zero-day attacks, the risk assessment must consider changes over time,since it takes time for the attack and countermeasures to spread. The Common Vulnerability Scoring System (CVSS) is used widely for vulnerability risk assessment, but it cannot be said that it can sufficiently cope with temporal changes of risk of attaks. In this paper, we report a preliminary study on the time dependency model for vulnerability risk assessment. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | security / vulnerability / risk assessment / time dependency |
| Paper # | CPSY2022-42,DC2022-101 |
| Date of Issue | 2023-03-16 (CPSY, DC) |
| Conference Information | |
| Committee | DC / CPSY / IPSJ-SLDM / IPSJ-EMB / IPSJ-ARC |
|---|---|
| Conference Date | 2023/3/23(3days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Amagi Town Disaster Prevention Center (Tokunoshima) |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Tatsuhiro Tsuchiya(Osaka Univ.) / Michihiro Koibuchi(NII) / Hiroyuki Ochi(Ritsumeikan Univ.) / / Hiroshi Inoue(Nagoya Institute of Technology) |
| Vice Chair | Toshinori Hosokawa(Nihon Univ.) / Kota Nakajima(Fujitsu Lab.) / Tomoaki Tsumura(Nagoya Inst. of Tech.) |
| Secretary | Toshinori Hosokawa(Nihon Univ.) / Kota Nakajima(Chiba Univ.) / Tomoaki Tsumura(JAIST) / (Hitachi) / (Tokyo Inst. of Tech.) / (Meiji Univ.) |
| Assistant | / Ryohei Kobayashi(Tsukuba Univ.) / Takaaki Miyajima(Meiji Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Dependable Computing / Technical Committee on Computer Systems / Special Interest Group on System and LSI Design Methodology / Special Interest Group on Embedded Systems / Special Interest Group on System Architecture |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A preliminary study on time-dependency of cyber security vulnerability assessment |
| Sub Title (in English) | |
| Keyword(1) | security |
| Keyword(2) | vulnerability |
| Keyword(3) | risk assessment |
| Keyword(4) | time dependency |
| 1st Author's Name | Takashi Minohara |
| 1st Author's Affiliation | Takushoku University(Takushoku Univ.) |
| 2nd Author's Name | Naohiro Kubota |
| 2nd Author's Affiliation | Takushoku University(Takushoku Univ.) |
| Date | 2023-03-24 |
| Paper # | CPSY2022-42,DC2022-101 |
| Volume (vol) | vol.122 |
| Number (no) | CPSY-451,DC-452 |
| Page | pp.pp.49-54(CPSY), pp.49-54(DC), |
| #Pages | 6 |
| Date of Issue | 2023-03-16 (CPSY, DC) |