Standardising vulnerability categories

Computers and Security

Volumn 27, Issue 3-4, 2008, Pages 71-83

  Venter, H S ^a   Eloff, J H P ^a   Li, Y L ^a  

^a UNIVERSITY OF PRETORIA   (South Africa)

Author keywords

Artificial intelligence; Common vulnerabilities and exposures (CVE) list; Data clustering; Self organising map (SOM); Vulnerability; Vulnerability scanners (VSs)

Indexed keywords

ARTIFICIAL INTELLIGENCE; SCANNING; SPECTRUM ANALYZERS; STANDARDS;

COMMON VULNERABILITIES AND EXPOSURES (CVE) LIST; DATA CLUSTERING; RESEARCH RESULTS; SELF-ORGANISING MAP (SOM); VULNERABILITY; VULNERABILITY SCANNERS (VSS);

CLUSTERING ALGORITHMS;

EID: 49849085708     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2008.04.002     Document Type: Article

References (18)

1. Angeline P.J., and Pollack J.B. Competitive environments evolve better solutions for complex tasks. In: Forrest S. (Ed). Proceedings of the fifth international conference on genetic algorithms (1993), Morgan Kaufmann, San Mateo, CA 264-270
2. Baker DW, Christey SM, Hill WH, Mann DE. The development of a common enumeration of vulnerabilities and exposures. In: Second international workshop on recent advances in intrusion detection; 1999.
3. Bishop M. A taxonomy of UNIX system and network vulnerabilities. Technical Report CSE-9510 (1995), Department of Computer Science, University of California, Davis
4. BugTraq vulnerability database (January 2008). Available from:
5. Engelbrecht A.P. Computational intelligence: an introduction (2002), John Wiley & Sons, Inc. 0-470-84870-7 p. 61-71
6. Engelbrecht A.P. Computational intelligence: an introduction. 2nd ed. (2008), John Wiley & Sons, Inc. 978-0-470-03561-0 p. 65
7. Harnist E. Intelligent vulnerability scanner (January 2002). Available from:
8. Kirk JS, Chang DJ, Zurada JM. A self-organizing map with dynamic architecture for efficient color quantization. In: Proceedings of the international joint conference on neural networks, Washington, D.C.; 2001.
9. Kohonen T. Self-organizing maps (1995), SpringerVerlag, Berlin, Germany
10. Krsul I.V. Software vulnerability analysis (May 1998). Available from:
11. Kujawski P. Why networks must be secured (2003), Cisco Systems, Inc.
12. Li YL, Venter HS, Eloff JHP. Categorizing vulnerabilities using data clustering techniques. In: Proceedings of ISSA conference; June 2004, ISBN: 1-86854-522-9.
13. Microsoft Commerce Server 2002. The STRIDE threat model (January 2008). Available from:
14. MITRE Inc. Available from: (January 2008).
15. MOREnet. Available from: (January 2008).
16. SAINT Corporation. Available from: (January 2008).
17. SFProtect. Available from: (07 October 2006).
18. Venter H.S., and Eloff J.H.P. Harmonising vulnerability categories. South African Computer Journal, 1015-7999 29 (2002) 24-31 Computer Society of South Africa