Analyzing vulnerability dynamic severity based on D-S evidence theory

摘要

To solve the problem of analyzing dynamic severity of computer security vulnerability, a method of analyzing vulnerability dynamic severity based D-S evidence theory was proposed. It fuses vulnerability static severity and alert statistic information produced by intrusion detection system to work out vulnerability dynamic severity metric utilizing the D-S evidence theory. Comparing with the method based on expert estimation and the fuzzy inference method, the proposed method has merits of fast computation speed, high degree of precision, simple realization and independent of expert experience. The experiments showed that this method is practical and high effective.