Mason Vulnerability Scoring Framework: A Customizable Framework for Scoring Common Vulnerabilities and Weaknesses

Ibifubara Iganibo, Massimiliano Albanese, Kaan Turkmen, Thomas Campbell, Marc Mosko

2022

Abstract

One of the first lines of defense against cyberattacks is to understand and evaluate the weaknesses and vulnerabilities that a system exposes to malicious users. To address this need, several scoring systems have been developed, providing security analysts and practitioners with a means of quantifying the severity of common weaknesses and vulnerabilities found in software. However, these scoring systems rely on predefined notions of risk, use fixed equations to compute numerical scores, and do not provide users with the flexibility to fine-tune such equations or factor in new variables altogether. Furthermore, official scores and rankings are updated infrequently, making them less valuable in a rapidly evolving cybersecurity landscape. In this paper, we present the Mason Vulnerability Scoring Framework, a comprehensive and customizable framework for scoring vulnerabilities and ranking common weaknesses that gives users significant control over the scoring and ranking process.

Download


Paper Citation


in Harvard Style

Iganibo I., Albanese M., Turkmen K., Campbell T. and Mosko M. (2022). Mason Vulnerability Scoring Framework: A Customizable Framework for Scoring Common Vulnerabilities and Weaknesses. In Proceedings of the 19th International Conference on Security and Cryptography - Volume 1: SECRYPT, ISBN 978-989-758-590-6, pages 215-225. DOI: 10.5220/0011277400003283


in Bibtex Style

@conference{secrypt22,
author={Ibifubara Iganibo and Massimiliano Albanese and Kaan Turkmen and Thomas Campbell and Marc Mosko},
title={Mason Vulnerability Scoring Framework: A Customizable Framework for Scoring Common Vulnerabilities and Weaknesses},
booktitle={Proceedings of the 19th International Conference on Security and Cryptography - Volume 1: SECRYPT,},
year={2022},
pages={215-225},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011277400003283},
isbn={978-989-758-590-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 19th International Conference on Security and Cryptography - Volume 1: SECRYPT,
TI - Mason Vulnerability Scoring Framework: A Customizable Framework for Scoring Common Vulnerabilities and Weaknesses
SN - 978-989-758-590-6
AU - Iganibo I.
AU - Albanese M.
AU - Turkmen K.
AU - Campbell T.
AU - Mosko M.
PY - 2022
SP - 215
EP - 225
DO - 10.5220/0011277400003283