期刊文献+
共找到2篇文章
< 1 >
每页显示 20 50 100
A Method for Vulnerability Database Quantitative Evaluation 被引量:1
1
作者 Tiantian Tan Baosheng Wang +2 位作者 Yong Tang Xu Zhou Jingwen Han 《Computers, Materials & Continua》 SCIE EI 2019年第9期1129-1144,共16页
During system development,implementation and operation,vulnerability database technique is necessary to system security;there are many vulnerability databases but a lack of quality standardization and general evaluati... During system development,implementation and operation,vulnerability database technique is necessary to system security;there are many vulnerability databases but a lack of quality standardization and general evaluation method are needed.this paper summarized current international popular vulnerability databases,systematically introduced the present situation of current vulnerability databases,and found the problems of vulnerability database technology,extracted common metrics by analyzing vulnerability data of current popular vulnerability databases,introduced 4 measure indexes:the number scale of vulnerabilities,the independence level,the standardization degree and the integrity of vulnerability description,proposed a method for vulnerability database quantitative evaluation using SCAP protocol and corresponding standard,analyzed a large number of vulnerabilities in current popular vulnerability database,quantitative evaluated vulnerability database by the law of normal distribution,the experimental results show this method has strong versatility and science,and it is beneficial to improve the quality and standardization construction for vulnerability database development. 展开更多
关键词 Vulnerability management vulnerability database quantitative evaluation
下载PDF
Software Vulnerabilities Overview:A Descriptive Study 被引量:2
2
作者 Mario Calín Sánchez Juan Manuel Carrillo de Gea +2 位作者 José Luis Fernández-Alemán Jesús Garcerán Ambrosio Toval 《Tsinghua Science and Technology》 SCIE EI CAS CSCD 2020年第2期270-280,共11页
Computer security is a matter of great interest.In the last decade there have been numerous cases of cybercrime based on the exploitation of software vulnerabilities.This fact has generated a great social concern and ... Computer security is a matter of great interest.In the last decade there have been numerous cases of cybercrime based on the exploitation of software vulnerabilities.This fact has generated a great social concern and a greater importance of computer security as a discipline.In this work,the most important vulnerabilities of recent years are identified,classified,and categorized individually.A measure of the impact of each vulnerability is used to carry out this classification,considering the number of products affected by each vulnerability,as well as its severity.In addition,the categories of vulnerabilities that have the greatest presence are identified.Based on the results obtained in this study,we can understand the consequences of the most common vulnerabilities,which software products are affected,how to counteract these vulnerabilities,and what their current trend is. 展开更多
关键词 descriptive study software security software vulnerabilities vulnerability databases
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部