Measuring Similarity for Security Vulnerabilities

  • Authors: Ju An Wang, Linfeng Zhou, Minzhe Guo, Hao Wang, Jairo Camargo

  • Venue: HICSS '10 Proceedings of the 2010 43rd Hawaii International Conference on System Sciences
  • Year: 2010

Abstract

As the number of software vulnerabilities increases year by year, software vulnerability has become a focal point in information security. This paper proposes a vulnerability similarity measurement to compare different vulnerabilities according to a set of criteria. Our approach is based on the structural hierarchy of vulnerabilities, and the similarity is defined using established mathematical models. The National Vulnerability Database and the Ontology of Vulnerability Management provide the information necessary for the similarity calculation. The similarity measurement can be used in many areas of vulnerability management, such as vulnerability classification, mitigation, and patching.