2005 | OriginalPaper | Buchkapitel
Assessment of Windows System Security Using Vulnerability Relationship Graph
verfasst von : Yongzheng Zhang, Binxing Fang, Yue Chi, Xiaochun Yun
Erschienen in: Computational Intelligence and Security
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
To evaluate the security situation of Windows systems for different users on different security attributes, this paper proposes a quantitative assessment method based on vulnerability relationship graph (VRG) and an index-based assessment policy. Through introducing the correlative influences of vulnerabilities, VRG can be used to scientifically detect high risk vulnerabilities which can evoke multistage attacks although their threats on surface are very little. Analysis of 1085 vulnerabilities indicates that for trusted remote visitors, the security of Windows systems is lower while for distrusted remote visitors, they are relatively secure. But there is no obvious difference of the security risk on confidentiality, authenticity and availability of Windows systems. In several known versions, the security of Windows NT is almost lowest.