Using a Prediction Model to Manage Cyber Security Threats

The digital assets of an organization are prone to attack any time. With threats gathering new dimensions, organizations should be able to objectively evaluate the risks of existing and new software applications. Based on this risk evaluation, sufficient resources can be allocated to mitigate cyber security risks. Quantitatively predicting proneness to attack can help organizations counter attack occurrences. The Common Vulnerability Scoring System (CVSS) is a standard framework used by many organizations. It communicates the characteristics and impacts of IT vulnerabilities. This framework has three groups, namely, Base, Temporal, and Environmental. The base group highlights the qualities of vulnerability that are unchanged over time and user. The temporal group covers the characteristics of vulnerability over time and the environmental group highlights the specific user environment. The CVSS helps establish a common language in the IT community. This paper proposes a mathematical model for predicting the impact of an attack based on the significant factors that influence cyber security. These factors are arrived at by considering several historical data points and mathematically verifying their significance to the impact and characteristics of attacks.

 Website: http://www.arjonline.org/engineering/american-research-journal-of-computer-science-and-information-technology/