Welcome To UTPedia

We would like to introduce you, the new knowledge repository product called UTPedia. The UTP Electronic and Digital Intellectual Asset. It stores digitized version of thesis, dissertation, final year project reports and past year examination questions.

Browse content of UTPedia using Year, Subject, Department and Author and Search for required document using Searching facilities included in UTPedia. UTPedia with full text are accessible for all registered users, whereas only the physical information and metadata can be retrieved by public users. UTPedia collaborating and connecting peoples with university’s intellectual works from anywhere.

Disclaimer - Universiti Teknologi PETRONAS shall not be liable for any loss or damage caused by the usage of any information obtained from this web site.Best viewed using Mozilla Firefox 3 or IE 7 with resolution 1024 x 768.

An Expert System for Rating Vulnerabilities

Qianjun, Jong (2013) An Expert System for Rating Vulnerabilities. Universiti Teknologi Petronas.

[img]
Preview
PDF
Download (1776Kb) | Preview

Abstract

Over the past few years, there has been a worrying trend of increment in number of web application intrusions. Based on reports released by reliable sources, these incidents are due to the lack of experts in performing accurate risk assessment to mitigate the risk while performing web security testing. Risk assessment is the core process in providing appropriate recommendations when dealing with vulnerabilities discovered in a web application. Therefore this research paper will be highlighting the problem of insufficient experts to guide the less experienced information security analyst in conducting effective risk assessment. The objective of this research will be to design an expert system to aid the less experienced system analyst in conducting accurate risk assessment during the absence of experts. The expert system will cover all risk rating of vulnerabilities included in the OWASP Top 10 2013, and the target user will only be the less experienced information system analyst. The methodology used in the research would be based on the expert system development life cycle model. The main activity conducted is the construction of knowledge base of the proposed expert system. Based on the results of collected knowledge and information from the internet as well as interviewing experts, the knowledge developer will construct a decision tree which aids in the development of the expert system in later phase of the research.

Item Type: Final Year Project
Academic Subject : Academic Department - Electrical And Electronics - Instrumentation and Control - Intelligent System - Predictive Model for Reformer Tube
Subject: UNSPECIFIED
Divisions: Sciences and Information Technology > Computer and Information Sciences
Depositing User: Users 2053 not found.
Date Deposited: 28 Feb 2014 11:48
Last Modified: 25 Jan 2017 09:38
URI: http://utpedia.utp.edu.my/id/eprint/13520

Actions (login required)

View Item View Item

Document Downloads

More statistics for this item...