Abstract | ||
---|---|---|
The Common Vulnerability Scoring System (CVSS) is the state-of-the art system for assessing software vulnerabilities. However, it has been criticized for lack of validity and practitioner relevance. In this paper, the credibility of the CVSS scoring data found in five leading databases-NVD, X-Force, OSVDB, CERT-VN, and Cisco-is assessed. A Bayesian method is used to infer the most probable true va... |
Year | DOI | Venue |
---|---|---|
2018 | 10.1109/TDSC.2016.2644614 | IEEE Transactions on Dependable and Secure Computing |
Keywords | Field | DocType |
Data security,Measurement,Bayes methods,Software security,Complexity theory,Authentication,Cybersecurity,Information security | Data mining,CVSS,Vulnerability (computing),Credibility,Software security assurance,Computer science,Ground truth,Vulnerability management,Vulnerability,Bayesian probability | Journal |
Volume | Issue | ISSN |
15 | 6 | 1545-5971 |
Citations | PageRank | References |
9 | 0.47 | 0 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Pontus Johnson | 1 | 788 | 55.88 |
Robert Lagerström | 2 | 401 | 36.58 |
Mathias Ekstedt | 3 | 634 | 49.70 |
Ulrik Franke | 4 | 309 | 27.06 |