Flexible and Robust k-Zero Day Safety Network Security Metrics to Measure the Risk on Different Vulnerabilities

Today's computer systems face sophisticated attackers who combine multiple vulnerabilities to penetrate networks with devastating impact. The overall security of a network cannot be determined by simply counting the number of vulnerabilities. In fact, the security risk of unknown vulnerabilities has been considered as something immeasurable due to the less predictable nature of software flaws. This causes a major difficulty to security metrics, because a more secure configuration would be of little value if it were equally susceptible to zero-day attacks. In this paper, instead of just counting how much such vulnerability would be required for compromising network assets we can also attempting to rank unknown vulnerabilities. We propose a Flexible and Robust k-Zero Day Safety security model to rank the zero-day attacks by using collaborative filtering technique to different (types of) zero-day vulnerabilities and novel security metrics for uncertain and dynamic data.
DOI: 10.17762/ijritcc2321-8169.150731