A taxonomy framework based on ITU-TX-805 security architecture for quantitative determination of computer network vulnerabilities
Article first published online: 29 AUG 2012
Copyright © 2012 John Wiley & Sons, Ltd.
Security and Communication Networks
Volume 6, Issue 7, pages 864–880, July 2013
How to Cite
Mohammadi, S., Sherkat, M. H. and Jamporazmey, M. (2013), A taxonomy framework based on ITU-TX-805 security architecture for quantitative determination of computer network vulnerabilities. Security Comm. Networks, 6: 864–880. doi: 10.1002/sec.623
- Issue published online: 21 JUN 2013
- Article first published online: 29 AUG 2012
- computer network vulnerability;
- taxonomy of vulnerabilities;
- ITU-TX-805 security architecture;
- quantifying vulnerabilities;
- Common Vulnerability Scoring System
Network vulnerability taxonomy has become increasingly important in the area of information and data exchange for its potential use not only in identification of vulnerabilities but also in their assessment and prioritization. Computer networks play an important role in information and communication infrastructure. However, they are constantly exposed to a variety of vulnerability risks. In their attempts to create secure information exchange systems, scientists have concentrated on understanding the nature and typology of these vulnerabilities. Their efforts aimed at establishing secure networks have led to the development of a variety of methods and techniques for quantifying vulnerability. The objectives of the present paper are twofold: (1) to develop a taxonomy framework for the classification of network vulnerabilities on the basis of the ITU-TX-805 security architecture and (2) to develop a method on the basis of the second edition of Common Vulnerability Scoring System for the quantification of vulnerabilities within the proposed taxonomy framework. It is expected that the framework proposed in this paper will provide a comprehensive taxonomic structure that can be extended to all the different aspects of network vulnerability. Furthermore, it will help in the identification and effective management of vulnerabilities by their quantification. Copyright © 2012 John Wiley & Sons, Ltd.