CPE and CVE based Technique for Software Security Risk Assessment

Ushakov, Roman; Doynikova, Elena; Novikova, Evgenia; Kotenko, Igor

doi:10.1109/idaacs53288.2021.9660968

Cited by 8 publications

(4 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their algorithm supports the mapping of vulnerabilities to software and automates the searching against known vulnerabilities through NVD, nevertheless, it does not consider TI sources. Russo et al 19 presented an automated vulnerability-oriented approach through a custom-made software platform, based on NIST 800-30 guidance. 9 Contrary to our work, these techniques and methods are subject to the same predispositions addressed earlier in this section.…”

Section: Vulnerability-orientedmentioning

confidence: 99%

A threat‐intelligence driven methodology to incorporate uncertainty in cyber risk analysis and enhance decision‐making

Dekker

Alevizos

2023

Security and Privacy

View full text Add to dashboard Cite

The challenge of decision‐making under uncertainty in information security has become increasingly important, given the unpredictable probabilities and effects of events in the ever‐changing cyber threat landscape. Cyber threat intelligence provides decision‐makers with the necessary information and context to understand and anticipate potential threats, reducing uncertainty, and improving the accuracy of risk analysis. The latter is a principal element of evidence‐based decision‐making, and it is essential to recognize that addressing uncertainty requires a new, threat‐intelligence (TI) driven methodology, and risk analysis approach. We propose a solution to this challenge by introducing a TI‐based security assessment methodology and a decision‐making strategy that considers both known unknowns and unknown unknowns. The proposed methodology aims to enhance the quality of decision‐making by utilizing causal graphs, which offer an alternative to conventional methodologies that rely on attack trees, resulting in a reduction of uncertainty. Furthermore, we consider tactics, techniques, and procedures that are possible, probable, and plausible, improving the predictability of adversary behavior. Our proposed solution provides practical guidance for information security leaders to make informed decisions in uncertain situations. This paper offers a new perspective on addressing the challenge of decision‐making under uncertainty in information security by introducing a methodology that can help decision‐makers navigate the intricacies of the dynamic and continuously evolving landscape of cyber threats.

show abstract

Section: Vulnerability-orientedmentioning

confidence: 99%

A threat‐intelligence driven methodology to incorporate uncertainty in cyber risk analysis and enhance decision‐making

Dekker

Alevizos

2023

Security and Privacy

View full text Add to dashboard Cite

show abstract

“…CVE records are accompanied by CVSS ** , a scoring system that provides security metrics for vulnerabilities. An example of using CVE, CPE, and CVSS for cybersecurity risk management can be found in the work of Ushakov et al 66 . The remotely exploitable vulnerabilities are marked by the Network attack vector in CVSS.…”

Section: Proposed Decision Support Systemmentioning

confidence: 99%

“…An example of using CVE, CPE, and CVSS for cybersecurity risk management can be found in the work of Ushakov et al. 66 The remotely exploitable vulnerabilities are marked by the Network attack vector in CVSS. The Impact Metrics refer to the potential impact of a successful exploit on CIA and have the values of None, Low, and High.…”

Section: Security State Assessmentmentioning

confidence: 99%

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Javorník

Husák

2022

Engineering Reports

View full text Add to dashboard Cite

We present an approach to decision support in cybersecurity with respect to cyber threats and stakeholders' requirements. We approach situations in which cybersecurity experts need to take actions to mitigate the risks, such as temporarily putting an IT system out of operation, but need to consult them with other stakeholders. We propose a decision support system that uses a mission decomposition model representing the organization's functional and security requirements on its IT infrastructure. Based on the cybersecurity state assessment, that is, discovery of vulnerabilities and attacker's position, the decision support system calculates the resilience metrics for each IT infrastructure's configuration, that is, how likely are they to not be disrupted. The calculation is enabled by two novel formal models, Privilege-Exploit Attack Graph and Bayesian Privilege Attack Graph, which reduce complex attack graphs into a comprehensible bipartite graph. Moreover, they illustrate the impact of exploiting the vulnerabilities and attackers gaining the privileges. The system recommends the most resilient mission configurations that are comprehensible to both cybersecurity experts and non-technical stakeholders, who may then choose which configuration to apply. Our approach is illustrated in a case study of a real-world medical information system.

show abstract

“…It is the list of all types of vulnerabilities and its subtypes. CVE's mission is to facilitate data sharing across various vulnerability capabilities (tools, repositories, and services) via this common enumeration [30].…”

Section: Proposed Docker-security Designmentioning

confidence: 99%

Container Performance and Vulnerability Management for Container Security Using Docker Engine

Alyas

Ali

Khan

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Containers have evolved to support microservice architecture as a low-cost alternative to virtual machines. Containers are increasingly prevalent in the virtualization landscape because of better working; containers can bear considerably less overhead than the conventional hypervisor-based component virtual machines. However, containers directly communicate with the host kernel, and attackers can co-locate containers in the host system quicker than virtual machines. This causes significant security issues in container technology. The security hardening system is currently targeted at implementing universal access management regulations that make it difficult to assess the required procedure for accessing containers. Security mechanisms include an explicit awareness of the purpose and actions of the container and entail manual interaction and configuration. A user-friendly container protection scheme implemented an access policy to comply with its anticipated and legitimate application performance. In this study, container technology constraints have been overcome by proposing a unique Docker-sec mechanism. Docker-sec uses four mechanisms; the original collection has been improved during container runtime by additional rules that constrain the capacity of the container, further representing the applications in practice, file system, processes, network isolation, and vulnerability scanning of Docker images over different workload. Different vulnerabilities have been scanned with a CVE severity level. Results showed that inter-container communication with the system is more secure containers from zero vulnerabilities with an overhead of 3.45%.

show abstract

CPE and CVE based Technique for Software Security Risk Assessment

Cited by 8 publications

References 5 publications

A threat‐intelligence driven methodology to incorporate uncertainty in cyber risk analysis and enhance decision‐making

A threat‐intelligence driven methodology to incorporate uncertainty in cyber risk analysis and enhance decision‐making

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Container Performance and Vulnerability Management for Container Security Using Docker Engine

Contact Info

Product

Resources

About