اراﺋﻪ ﻣﺪﻟﯽ ﺑﺮاي ﺑﻬﺒﻮد روﻧﺪ اﻣﺘﯿﺎزدﻫﯽ ﺑﻪ آﺳﯿﺐﭘﺬﯾﺮي در CVSS

A Novel Approach for Amending Vulnerability Scoring in CVSS

ﭼﮑﯿﺪه: اﻣﺮوزه ﺣﻤﻼت ﺳﺎﯾﺒﺮي را ﻣﯽﺗﻮان ﯾﮑﯽ از ﻧﮕﺮاﻧﯽﻫﺎي اﺻﻠﯽ زﻧﺪﮔﯽ ﺑﺸﺮ ﺑﻪ ﺣﺴﺎب آورد. ﺑﻨﺎﺑﺮاﯾﻦ ﺑﻪﻣﻨﻈﻮر ﻣﻘﺎومﺳﺎزي ﺷﺒﮑﻪ در ﻣﻘﺎﺑﻞ ﺣﻤﻼت ﺳﺎﯾﺒﺮي ﺑﻪ ﻋﻨﻮان ﯾﮏ دﻏﺪﻏﻪ اﺳﺎﺳﯽ ﻣﺘﺨﺼﯿﺼﻦ اﻣﻨﯿﺘﯽ، ﻧﯿﺎزﻣﻨﺪ اوﻟﻮﯾﺖﺑﻨﺪي آﺳﯿﺐﭘﺬﯾﺮيﻫﺎ و اﻧﺘﺨﺎب ﭘﺮﺧﻄﺮﺗﺮﯾﻦ آﻧﻬﺎ ﻫﺴﺘﯿﻢ. در ﻧﺘﯿﺠﻪ، ارزﯾﺎﺑﯽ دﻗﯿﻖ ﺧﻄﺮ آﺳﯿﺐﭘﺬﯾﺮيﻫﺎ اﻫﻤﯿﺖ ﺑﺎﻻﯾﯽ دارد. ﺳﯿﺴﺘﻢ اﻣﺘﯿﺎزدﻫﯽ ﺑﻪ آﺳﯿﺐﭘﺬﯾﺮي CVSS ﺑﻪ ﻋﻨﻮان ﯾﮑﯽ از ﻣﺤﺒﻮبﺗﺮﯾﻦ ﺳﯿﺴﺘﻢﻫﺎي اﻣﺘﯿﺎزدﻫﯽ ﺑﻪ آﺳﯿﺐﭘﺬﯾﺮي داراي ﯾﮑﺴﺮي ﻣﺸﮑﻼت اﺳﺎﺳﯽ اﺳﺖ ﮐﻪ ارزﯾﺎﺑﯽ ﺧﻄﺮ دﻗﯿﻖ ﺣﻤﻼت را دﭼﺎر ﻣﺸﮑﻞ ﻣﯽﺳﺎزد. داﻣﻨﻪ ﻣﺤﺪود اﻣﺘﯿﺎزﻫﺎ در CVSS را ﻣﯽﺗﻮان ﯾﮑﯽ از ﻣﺸﮑﻼت اﺳﺎﺳﯽ اﯾﻦ ﺳﯿﺴﺘﻢ اﻣﺘﯿﺎزدﻫﯽ ﺑﻪ آﺳﯿﺐﭘﺬﯾﺮي ﺑﻪ ﺣﺴﺎب آورد. ﭼﺮا ﮐﻪ ﻣﺠﺰاﺳﺎزي ﮐﺎراي ﺳﯿﻞ ﻋﻈﯿﻤﯽ از آﺳﯿﺐﭘﺬﯾﺮيﻫﺎ ﺗﻮﺳﻂ اﯾﻦ ﺳﯿﺴﺘﻢ را ﻏﯿﺮ ﻣﻤﮑﻦ ﻣﯽﺳﺎزد. در اﯾﻦ ﻣﻘﺎﻟﻪ روﺷﯽ ﺑﺮاي اﺻﻼح روﻧﺪ اﻣﺘﯿﺎزدﻫﯽ ﺑﻪ آﺳﯿﺐﭘﺬﯾﺮي ﺑﺎ ﻣﺤﻮرﯾﺖ ﭼﺎﻟﺶ ﻣﺬﮐﻮر و اﻓﺰاﯾﺶ دﻗﺖ ﺗﺨﻤﯿﻦ ﺧﻄﺮ ﺣﻤﻼت ﻣﻌﺮﻓﯽ ﺷﺪه اﺳﺖ.

Nowadays, computer network attacks are considered as the most serious issue in everybody’s life. Network hardening is a necessity which requires prioritizing vulnerabilities and finding the most dangerous ones. So, risk assessment should be done as much accurate as possible. The most widely used system for risk assessment is CVSS (Common Vulnerability Scoring System) that has some difficulties which make risk analysis inaccurate. Limited number of risk scores is the most critical issue which causes inefficient vulnerability discrimination. Here one novel approach is proposed which amends the Impact formula of CVSS by the aim of increasing risk estimation accuracy and scores diversity.