通用漏洞评分系统的模糊模型

2021 IEEE 15th International Symposium on Applied Computational Intelligence and Informatics (SACI) Pub Date : 2021-05-19 DOI:10.1109/SACI51354.2021.9465614

Mera Saulaiman, M. Takács, M. Kozlovszky, Á. Csilling

{"title":"通用漏洞评分系统的模糊模型","authors":"Mera Saulaiman, M. Takács, M. Kozlovszky, Á. Csilling","doi":"10.1109/SACI51354.2021.9465614","DOIUrl":null,"url":null,"abstract":"The Common Vulnerability Scoring System (CVSS) is a widely used open standard for measuring the severity of software vulnerabilities based on defined metric values. It uses optimized equations to combine several aspects of a vulnerability to derive the score. In this paper the possibility of implementing this CVSS calculator in fuzzy logic is discussed, using the Fuzzy Logic toolbox from MATLAB extended in Simulink environment.The model is evaluated by comparing the results of both systems for a few test cases. The possibility of implementing an optimized CVSS calculator using Fuzzy logic is discussed.Taking advantage of the possibility available in Fuzzy logic we discuss the possibility to extend the calculator with domain-specific metrics.","PeriodicalId":321907,"journal":{"name":"2021 IEEE 15th International Symposium on Applied Computational Intelligence and Informatics (SACI)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-05-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Fuzzy Model for Common Vulnerability Scoring System\",\"authors\":\"Mera Saulaiman, M. Takács, M. Kozlovszky, Á. Csilling\",\"doi\":\"10.1109/SACI51354.2021.9465614\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Common Vulnerability Scoring System (CVSS) is a widely used open standard for measuring the severity of software vulnerabilities based on defined metric values. It uses optimized equations to combine several aspects of a vulnerability to derive the score. In this paper the possibility of implementing this CVSS calculator in fuzzy logic is discussed, using the Fuzzy Logic toolbox from MATLAB extended in Simulink environment.The model is evaluated by comparing the results of both systems for a few test cases. The possibility of implementing an optimized CVSS calculator using Fuzzy logic is discussed.Taking advantage of the possibility available in Fuzzy logic we discuss the possibility to extend the calculator with domain-specific metrics.\",\"PeriodicalId\":321907,\"journal\":{\"name\":\"2021 IEEE 15th International Symposium on Applied Computational Intelligence and Informatics (SACI)\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-05-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE 15th International Symposium on Applied Computational Intelligence and Informatics (SACI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SACI51354.2021.9465614\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 15th International Symposium on Applied Computational Intelligence and Informatics (SACI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SACI51354.2021.9465614","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

通用漏洞评分系统(Common Vulnerability Scoring System, CVSS)是一种广泛使用的基于定义的度量值来度量软件漏洞严重程度的开放标准。它使用优化的方程来结合漏洞的几个方面来得出分数。本文讨论了利用MATLAB中的模糊逻辑工具箱在Simulink环境下扩展实现模糊逻辑的可能性。通过比较两个系统对几个测试用例的结果来评估模型。讨论了利用模糊逻辑实现优化CVSS计算器的可能性。利用模糊逻辑中可用的可能性，我们讨论了用领域特定度量扩展计算器的可能性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Fuzzy Model for Common Vulnerability Scoring System

The Common Vulnerability Scoring System (CVSS) is a widely used open standard for measuring the severity of software vulnerabilities based on defined metric values. It uses optimized equations to combine several aspects of a vulnerability to derive the score. In this paper the possibility of implementing this CVSS calculator in fuzzy logic is discussed, using the Fuzzy Logic toolbox from MATLAB extended in Simulink environment.The model is evaluated by comparing the results of both systems for a few test cases. The possibility of implementing an optimized CVSS calculator using Fuzzy logic is discussed.Taking advantage of the possibility available in Fuzzy logic we discuss the possibility to extend the calculator with domain-specific metrics.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 IEEE 15th International Symposium on Applied Computational Intelligence and Informatics (SACI)

自引率

0.00%

发文量