Á¤º¸Ã³¸®ÇÐȸ ³í¹®Áö ÄÄÇ»ÅÍ ¹× Åë½Å½Ã½ºÅÛ
Current Result Document :
ÇѱÛÁ¦¸ñ(Korean Title) |
°èÃþÀû °¡Áß ±â¹ÝÀÇ Ãë¾àÁ¡ ¿µÇ⼺ Æò°¡ ½ºÄھ ½Ã½ºÅÛ¿¡ ´ëÇÑ ¿¬±¸ |
¿µ¹®Á¦¸ñ(English Title) |
A Study on Layered Weight Based Vulnerability Impact Assessment Scoring System |
ÀúÀÚ(Author) |
±è¿µÁ¾
Youngjong Kim
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 08 NO. 07 PP. 0177 ~ 0180 (2019. 07) |
Çѱ۳»¿ë (Korean Abstract) |
´ëÇ¥ÀûÀÎ Ãë¾àÁ¡ ½ºÄھ ½Ã½ºÅÛÀº CVSS´Ù. ÇÏÁö¸¸ CVSS´Â Ãë¾àÁ¡ÀÌ Àڻ꿡 ¹ÌÄ¡´Â ¿µÇ⼺ °üÁ¡À» Æò°¡ ÇÏÁö ¾Ê¾Æ »ç¿ëµÇÁö ¾Ê°Å³ª Áß¿äµµ°¡ ³·Àº Àڻ꿡 ´ëÇؼµµ µ¿ÀÏÇÑ ¿ì¼±¼øÀ§·Î ó¸®ÇؾßÇϱ⠶§¹®¿¡ ´ë±Ô¸ð ½Ã½ºÅÛÀÇ À§Çèµµ°¡ ³ôÀº Ãë¾àÁ¡ÀÇ °æ¿ì È¿°úÀûÀÌ°í ½Å¼ÓÇÑ ´ëÀÀÀ» ÇÒ ¼ö ¾ø´Ù. ½Ã½ºÅÛ ±¸¼ºÀ» °èÃþÈ ÇÏ°í, °èÃþ °£ÀÇ ±×¸®°í °èÃþ³»ÀÇ Áß¿äµµ¿¡ µû¸¥ °¡ÁßÀ» Æò°¡ÇÏ´Â ¿µÇ⼺ °üÁ¡ÀÇ Æò°¡ ½Ã½ºÅÛÀÎ °èÃþÀû °¡Áß ±â¹ÝÀÇ Ãë¾àÁ¡ ¿µÇ⼺ Æò°¡ ½ºÄھ ½Ã½ºÅÛÀ» Á¦¾ÈÇÑ´Ù.
|
¿µ¹®³»¿ë (English Abstract) |
A typical vulnerability scoring system is Common Vulnerability Scoring System(CVSS). However, since CVSS does not differentiate among the individual vulnerability impact of the asset and give higher priority for the more important assets, it is impossible to respond effectively and quickly to high-risk vulnerabilities on large systems. We propose a Layered weight based Vulnerability impact assessment Scoring System which can hierarchically group the importance of assets and weight the number of layers and the number of assets to effectively manage the impact of vulnerabilities on a per asset basis.
|
Å°¿öµå(Keyword) |
º¸¾È
Ãë¾àÁ¡
Ãë¾àÁ¡ ¿µÇ⼺ Æò°¡
CVE
CVSS
Vulnerability Impact Assessment Scoring System
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|