%0 Journal Article
%T Stochastic Modelling of Vulnerability Life Cycle and Security Risk Evaluation
%A Sasith M. Rajasooriya
%A Chris P. Tsokos
%A Pubudu Kalpani Kaluarachchi
%J Journal of Information Security
%P 269-279
%@ 2153-1242
%D 2016
%I Scientific Research Publishing
%R 10.4236/jis.2016.74022
%X The
objective of the present study is to propose a risk evaluation statistical
model for a given vulnerability by examining the Vulnerability Life Cycle and
the CVSS score. Having a better understanding of the behavior of vulnerability
with respect to time will give us a great advantage. Such understanding will
help us to avoid exploitations and introduce patches for a particular
vulnerability before the attacker takes the advantage. Utilizing the proposed
model one can identify the risk factor of a specific vulnerability being
exploited as a function of time. Measuring of the risk factor of a given
vulnerability will also help to improve the security level of software and to
make appropriate decisions to patch the vulnerability before an exploitation
takes place.
%K Stochastic Modelling
%K Security
%K Risk Evaluation
%K Vulnerability Life Cycle
%K Risk Factor
%U http://www.scirp.org/journal/PaperInformation.aspx?PaperID=68736