Community Based Platform for Vulnerability Categorization

• Authors: KOMÁRKOVÁ Jana; SADLEK Lukáš; LAŠTOVIČKA Martin
• Year of publication: 2018
• Type: Article in Proceedings
• Conference: NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium
• MU Faculty or unit: Institute of Computer Science
• web: https://ieeexplore.ieee.org/document/8406125
• Doi: https://doi.org/10.1109/NOMS.2018.8406125
• Keywords: Vulnerability Categorization;CVSS;Impact assessment

Attached files

• 2018-NOMS-Community-Based-Platform-for-Vulnerability-Categorization-paper.pdf
• 2018-NOMS-Community-Based-Platform-for-Vulnerability-Categorization-poster.pdf

• Description: Many approaches, such as attack graphs, require knowledge of vulnerability's properties such as impact, prerequisities, and exploitability. Currently, those properties are either categorized manually or too roughly. We present a program for granular, automated categorization of vulnerability. Further, we present a platform supporting researchers by gathering and sharing raw data about vulnerabilities and community labeled datasets. The source code of our categorization program is available on GitHub.

Related projects

• Research of Tools for Cyber Situational Awareness and Decision Support of CSIRT Teams in Protection of Critical Infrastructure