Title: The algorithm model for cumulative vulnerability risk assessment

Authors: Yong Yan Chen; Hong Chun Shu

Addresses: Computer Centre, Kunming University of Science and Technology, Kunming, 650500, China; Graduate School, Kunming University of Science and Technology, Kunming, 650500, China

Abstract: Network information security vulnerability assessment involves two kinds of risk: the stable risk of a vulnerability itself, and the cumulative multi-risks that are generated by a successful attack and can impact the whole network. To calculate the cumulative multi-risk, a new method has been developed, which uses the vulnerabilities in an attack graph and a reverse iteration tracing algorithm based on rough sets. Two kinds of cumulative multi-risk are identified, named 'the worst state' and 'the critical state'. The experimental evidence proves the veracity and validity of the new algorithm model.

Keywords: rough sets; cumulative vulnerability; risk assessment; reverse iteration; cumulative risk; network security; information security; attack graph.

DOI: 10.1504/IJIPT.2014.066362

International Journal of Internet Protocol Technology, 2014 Vol.8 No.2/3, pp.150 - 157

Available online: 17 Dec 2014
