onr:"swepub:oai:DiVA.org:his-21409"
Search: onr:"swepub:oai:DiVA.org:his-21409" > Towards automatic d...
- 1 of 1
- Previous record
- Next record
- To hitlist
Towards automatic discovery and assessment of vulnerability severity in cyber-physical systems
-
- Jiang, Yuning, 1993- (author)
- Högskolan i Skövde,Institutionen för informationsteknologi,Forskningsmiljön Informationsteknologi,Distributed Real-Time Systems (DRTS)
-
- Atif, Yacine, 1967- (author)
- Högskolan i Skövde,Institutionen för informationsteknologi,Forskningsmiljön Informationsteknologi,Distributed Real-Time Systems (DRTS)
- (creator_code:org_t)
- Elsevier, 2022
- 2022
- English.
- In: Array. - : Elsevier. - 2590-0056. ; 15
- Journal article (peer-reviewed)
Abstract
Subject headings
Close
- Despite their wide proliferation, complex cyber–physical systems (CPSs) are subject to cybersecurity vulnerabilities and potential attacks. Vulnerability assessment for such complex systems are challenging, partly due to the discrepancy among mechanisms used to evaluate their cyber-security weakness levels. Several sources do report these weaknesses like the National Vulnerability Database (NVD), as well as manufacturer websites besides other security scanning advisories such as Cyber Emergency Response Team (CERT) and Shodan databases. However, these multiple sources are found to face inconsistency issues, especially in terms of vulnerability severity scores. We advocate an artificial intelligence based approach to streamline the computation of vulnerability severity magnitudes. This approach decreases the error rate induced by manual calculation processes, that are traditionally used in cybersecurity analysis. Popular repositories such as NVD and SecurityFocus are employed to validate the proposed approach, assisted with a query method to retrieve vulnerability instances. In doing so, we report discovered correlations among reported vulnerability scores to infer consistent magnitude values of vulnerability instances. The method is applied to a case study featuring a CPS application to illustrate the automation of the proposed vulnerability scoring mechanism, used to mitigate cybersecurity weaknesses.
Subject headings
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datorteknik (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Engineering (hsv//eng)
Keyword
- Cybersecurity
- Text-mining
- Cyber-physical system
- Vulnerability analysis
- CVSS
- Distribuerade realtidssystem (DRTS)
- Distributed Real-Time Systems
Publication and Content Type
- ref (subject category)
- art (subject category)
- 1 of 1
- Previous record
- Next record
- To hitlist
Find more in SwePub
- By the author/editor
- Jiang, Yuning, 1 ...
- Atif, Yacine, 19 ...
- About the subject
-
- NATURAL SCIENCES
- NATURAL SCIENCES
- and Computer and Inf ...
- and Computer Enginee ...
- Articles in the publication
- Array
- By the university
- University of Skövde
Search outside SwePub
- Extend your search to:
- Google Book Search
- Google Scholar
Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.
- Copyright © LIBRIS - National Library Systems
- LIBRIS.kb.se
