Web Applications Vulnerability Management using a Quantitative Stochastic Risk Modeling Method

Web Applications Vulnerability Management using a Quantitative Stochastic Risk Modeling Method

The aim of this research is to propose a quantitative risk modeling method that reduces the guess work and uncertainty from the vulnerability and risk assessment activities of web based applications while providing users the flexibility to assess risk according to their risk appetite and tolerance w...

Full description

Bibliographic Details
Main Author: Sergiu SECHEL
Format: Article
Language:English
Published: Inforec Association 2017-01-01
Series:Informatică economică
Subjects:
Vulnerabilities
Quantitative Risk
Web Applications
Monte Carlo
Stochastic Systems
Cybersecurity
Online Access:http://revistaie.ase.ro/content/83/02%20-%20sechel.pdf
Description
Summary:The aim of this research is to propose a quantitative risk modeling method that reduces the guess work and uncertainty from the vulnerability and risk assessment activities of web based applications while providing users the flexibility to assess risk according to their risk appetite and tolerance with a high degree of assurance. The research method is based on the research done by the OWASP Foundation on this subject but their risk rating methodology needed de-bugging and updates in different in key areas that are presented in this paper. The modified risk modeling method uses Monte Carlo simulations to model risk characteristics that can’t be determined without guess work and it was tested in vulnerability assessment activities on real production systems and in theory by assigning discrete uniform assumptions to all risk charac-teristics (risk attributes) and evaluate the results after 1.5 million rounds of Monte Carlo simu-lations.
ISSN:1453-1305
1842-8088

Similar Items