A assessment method of network security vulnerability
1. Global Energy Interconnection Research Institute, State Grid, Nanjing, Jiangsu
210003, China; 2. School of Computer Science and Engineering, Nanjing University of
Science and Technology, Nanjing, Jiangsu 210094, China)
Abstract:To reflect the complexity and diversity of vulnerability for the WIVSS
scoring mechanism, the frequently used vulnerability analysis theory and
vulnerability scoring method were analyzed. A new vulnerability scoring method was
designed based on common vulnerability scoring system (CVSS) to reflect the
complexity of vulnerabilities well. According to a set of actual system constraint
rules from analysis, the optimum combination search algorithm of fragile comment
decentralization values and the selection algorithm of information entropy weights
portfolio were used to determine the optimal decentralization vulnerable reviews
combination of values by the target network, and the best scores of vulnerable
points were obtained. The results show that the proposed weight combination of
vulnerability can ensure the diversity of vulnerability point and improve the WIVSS.