Presentation | 2013-11-29 The proposal on a vulnerability evaluation method according to information system environment Naoki Kamegai, Naoshi Sato, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | It is essential to perform a vulnerability assessment to avoid for the security incident of own system because a lot of security incidents have been reported recently. In case of evaluating the vulnerability impact according to the environment of information system, an evaluation standard of the CVSS (common vulnerability assessment system) which is defined often used in any cases as a general technique by companies and organizations. CVSS uses base metrics and temporal base metrics, environment metrics. If the vulnerability assessment is performed about the environment of information system in the CVSS, an environment assessment standard must be used. However, there is a possibility to get different results depending on an evaluator because of subjective component in it. We therefore define how to objectively lead an evaluation value by using the result (successful attacks time) of vulnerability assessment tools and proposal. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | CVSS (Common Vulnerability Scoring System) / Objective assessment / measured value / Vulnerability testing tools |
Paper # | ISEC2013-69,LOIS2013-35 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2013/11/21(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | The proposal on a vulnerability evaluation method according to information system environment |
Sub Title (in English) | |
Keyword(1) | CVSS (Common Vulnerability Scoring System) |
Keyword(2) | Objective assessment |
Keyword(3) | measured value |
Keyword(4) | Vulnerability testing tools |
1st Author's Name | Naoki Kamegai |
1st Author's Affiliation | Institute of Information Security() |
2nd Author's Name | Naoshi Sato |
2nd Author's Affiliation | Institute of Information Security |
Date | 2013-11-29 |
Paper # | ISEC2013-69,LOIS2013-35 |
Volume (vol) | vol.113 |
Number (no) | 326 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |