Assessment of Windows system security using vulnerability relationship graph

被引:0
|
作者
Zhang, YZ [1 ]
Fang, BX [1 ]
Chi, Y [1 ]
Yun, XC [1 ]
机构
[1] Harbin Inst Technol, Res Ctr Comp Network & Informat Secur Technol, Harbin 150001, Heilongjiang, Peoples R China
来源
COMPUTATIONAL INTELLIGENCE AND SECURITY, PT 2, PROCEEDINGS | 2005年 / 3802卷
关键词
D O I
暂无
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
To evaluate the security situation of Windows systems for different users on different security attributes, this paper proposes a quantitative assessment method based on vulnerability relationship graph (VRG) and an index-based assessment policy. Through introducing the correlative influences of vulnerabilities, VRG can be used to scientifically detect high risk vulnerabilities which can evoke multistage attacks although their threats on surface are very little. Analysis of 1085 vulnerabilities indicates that for trusted remote visitors, the security of Windows systems is lower while for distrusted remote visitors, they are relatively secure. But there is no obvious difference of the security risk on confidentiality, authenticity and availability of Windows systems. In several known versions, the security of Windows NT is almost lowest.
引用
收藏
页码:415 / 420
页数:6
相关论文
共 50 条
  • [11] Vulnerability assessment of power system using various vulnerability indices
    Haidar, Ahmed M. A.
    Mohamed, Azah
    Hussain, Aini
    2006 4TH STUDENT CONFERENCE ON RESEARCH AND DEVELOPMENT, 2006, : 223 - 228
  • [12] Cyber Security Analysis using Vulnerability Assessment and Penetration Testing
    Shinde, Prashant S.
    Ardhapurkar, Shrikant B.
    2016 WORLD CONFERENCE ON FUTURISTIC TRENDS IN RESEARCH AND INNOVATION FOR SOCIAL WELFARE (STARTUP CONCLAVE), 2016,
  • [13] Vulnerability assessment system (VAS) topic code: 5 information security
    Ying, CB
    Tsai, A
    Yu, H
    37TH ANNUAL 2003 INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY, PROCEEDINGS, 2003, : 414 - 421
  • [14] ROP Defense Using Trie Graph for System Security
    Zhu, Alex Yao Chu
    Yan, Wei Qi
    Sinha, Roopak
    INTERNATIONAL JOURNAL OF DIGITAL CRIME AND FORENSICS, 2021, 13 (06)
  • [15] An Approach for Security Assessment of Network Configurations using Attack Graph
    Ghosh, Nirnay
    Ghosh, S. K.
    2009 FIRST INTERNATIONAL CONFERENCE ON NETWORKS & COMMUNICATIONS (NETCOM 2009), 2009, : 283 - 288
  • [16] A novel dynamic vulnerability assessment method for Industrial Control System based on vulnerability correlation attack graph
    Zhou, Ying
    Zhang, Zhiyong
    Zhao, Kejing
    Zhang, Zhongya
    COMPUTERS & ELECTRICAL ENGINEERING, 2024, 119
  • [17] Vulnerability Metrics for Graph-based Configuration Security
    Igartibo, Ibifubara
    Albanese, Massimiliano
    Mosko, Marc
    Bier, Eric
    Brito, Alejandro E.
    SECRYPT 2021: PROCEEDINGS OF THE 18TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2021, : 259 - 270
  • [18] Security Vulnerability Assessment of OpenStack Cloud
    Ristov, Sasko
    Gusev, Marjan
    Donevski, Aleksandar
    2014 SIXTH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE, COMMUNICATION SYSTEMS AND NETWORKS (CICSYN), 2014, : 95 - 100
  • [19] Security vulnerability assessment in the chemical industry
    Dunbobbin, BR
    Medovich, TJ
    Murphy, MC
    Ramsey, AL
    PROCESS SAFETY PROGRESS, 2004, 23 (03) : 214 - 220
  • [20] Quantitative assessment for the vulnerability of cyber-physical system based on attack graph
    Huang, Jiahui
    Feng, Dongqin
    International Journal of Electrical Engineering, 2015, 22 (06): : 201 - 207
12345