—Security vulnerabilities play an important role in network security. With the development of the network and the increasing number of vulnerabilities, many Quantitative Vulnerability Assessment Standards (QVAS) was proposed in order to enable professionals to prioritize the most important vulnerabilities with limited energy. However, it is difficult to apply QVAS manually due to the large num...

Major and minor disturbances can have a considerable impact effect on the performance of road networks. In this respect, resilience is considered as the ability of a road section to resist and to recover from disturbances in traffic flow. In this contribution an indicator is presented, the Link Performance Index for Resilience (LPIR), which evaluates the resilience level of individual road sect...

The application of XML-based approaches in passing vulnerability information between vulnerability management devices or software residing on wired networks has been demonstrated. We propose a proof of concept framework for mobile operators that extends this use of XML into the area of vulnerability management on public land mobile networks. Our proposed framework allows for a pro-active centra...

In this paper, we propose a new and simple metrics for evaluating network security. The proposed metrics are based on the existence of network vulnerabilities in the network. The proposed metrics are different with our previous metrics proposed in [11]. Exploited Vulnerability Percentage (EVP) metric, Vulnerable Host Percentage (VHP) metric and Density of Network Vulnerability (DNV) metric can ...

To determine the security impact software vulnerabilities have on a particular network, one must consider interactions among multiple network elements. For a vulnerability analysis tool to be useful in practice, two features are crucial. First, the model used in the analysis must be able to automatically integrate formal vulnerability specifications from the bug-reporting community. Second, the...

Security-as-a-service (SaaS) is an outsourcing model for security management in cloud computing. Vulnerability scanners based on cloud computing is becoming one of the killer applications in SaaS due to the pay-per-use manner and powerful scanning capability. When performing vulnerability scanning through network, the scanner needs to establish a large number of TCP connections with the target ...

With the development of network security research, network attack modeling and analysis techniques have been paid more and more attention. A generalized stochastic colored Petri Net (GSCPN) Model is proposed. To each attack, a GSCPN model is constructed to describe the relation of components graphically. Algorithm to construct a composite attack and method for network vulnerability analysis are...

Vulnerability assessment is an effective security mechanism to identify vulnerabilities in systems or networks before they are exploited. However manual analysis of network testing and vulnerability assessment results is time consuming and demands expertise. This paper presents an improvement of Analia, which is a security system to process results obtained after a vulnerability assessment usin...

Network attackers exploit software vulnerabilities on network computers to facilitate successful attacks. Many organizations keep track of the existing software vulnerabilities in the form of vulnerability databases. However, categorizing vulnerabilities is difficult due to the large number of different attributes maintained. In this work we apply a dataclustering algorithm (SOM) to two differe...

Electric power supply companies increasingly rely on enterprise IT systems to provide them with a comprehensive view of the state of the distribution network. Within a utility-wide network, enterprise IT systems collect data from various metering devices. Such data can be effectively used for the prediction of power supply network vulnerability. The purpose of this paper is to present the Enter...