Vulnerability based Risk Assessment for Multiple Component Software Systems in Web based Applications

Yong Wang, W. Lively, and D. Simmons (USA)


Risk, vulnerability, fuzzy logic, and multiple components


In this paper, a vulnerability-based risk assessment method is developed. Risk is evaluated based on the threat of the vulnerability and the vulnerability severity. The assessment method is constructed using the analytical hierarchy process and fuzzy logic. To overcome the subjective factor introduced by fuzzy logic, an entropy weight coefficient is applied to adjust the measurement. A risk assessment for multiple-component software systems is then developed. A case study is presented for web-based applications. Based on the risk index in the web-based applications, system risk is classified as low, high, or failed. The proposed model can be applied to any complex system according to the software vulnerability report.
