Fuzzy Classification Metrics for Scanner Assessment and Vulnerability Reporting

@article{Loh2010FuzzyCM,
  title={Fuzzy Classification Metrics for Scanner Assessment and Vulnerability Reporting},
  author={Peter Kok Keong Loh and Deepak Subramanian},
  journal={IEEE Transactions on Information Forensics and Security},
  year={2010},
  volume={5},
  pages={613-624}
}
In information security, web application scanners detect and provide some diagnoses for specific vulnerabilities. However, scanner performance as well as the damage potential of different vulnerabilities varies. This undermines the development of effective remediation solutions and the reliable sharing of vulnerability information. This paper describes an approach based on soft computing technology for the development of metrics that are used to grade web application scanners and…
