Title | NEW ATTACK POTENTIAL MEASUREMENT METHOD TO KAIZEN EVENT FOR WEB APPLICATION SECURITY VULNERABILITIES |
---|---|
Volume/Issue | 10:2 |
Author | Kuo-Sui Lin |
Pages | 089-112 |
Keywords | Attack Potential, Fuzzy Linguistic Decision Making, Fuzzy Pattern Recognition, Kaizen Event, OWASP Top Ten List, Scopus |
Publication date | 201912 |
DOI | 10.7903/ijecs.1536 |

With recognition of the importance of web application security, there is a need for study on a conceptual Kaizen framework as a guide to initiate a series of Kaizen events for self-assessment of web application security vulnerabilities. Moreover, there is a need for study on a more effective attack potential measurement method to support the Kaizen event for stepwise measurement and incremental improvement of web application security vulnerabilities. As a result, a conceptual Kaizen framework to guide the Kaizen event was developed and a new attack potential measurement method was proposed in this study. A numerical example was given to demonstrate that the new attack potential measurement method is more suitable than the traditional attack potential measurement method to support the Kaizen event for measuring small but encouraging improvement of web application security vulnerabilities. Finally, conclusions are made and suggestions for future work are proposed.