English

A New Framework for Ranking Vulnerabilities in the Clouds

Cryptography and Security 2016-12-07 v2

Abstract

Qualifying and ranking threat degrees of vulnerabilities in cloud service are known to be full of challenges. Although there have been several efforts aiming to address this problem, most of them are too simple or cannot be applied into cloud infrastructure. This paper aims to propose a novel framework to qualify and rank the vulnerabilities based on their threat degrees in cloud service. Through inputting or constructing service dependency graph, our framework is able to generate the importance degree of each service and the ranking list of all the vulnerabilities in cloud service. Moreover, our framework can be adopted not only into various cloud infrastructures, but also different categories of algorithms according to concrete requirements. To evaluate our framework, we adopt AssetRank algorithm into the framework, and present the whole design of our work. Comprehensive experiments prove the effectiveness of our framework on qualifying and ranking vulnerabilities in cloud service.

Keywords

Cite

@article{arxiv.1611.07617,
  title  = {A New Framework for Ranking Vulnerabilities in the Clouds},
  author = {He Zhu},
  journal= {arXiv preprint arXiv:1611.07617},
  year   = {2016}
}

Comments

arXiv admin note: submission has been withdrawn by arXiv administrators due to inappropriate text reuse from external sources

R2 v1 2026-06-22T17:01:45.140Z