Security Model Based Method for Quantitative Risk Evaluation of Zero-Day Attacks

In this paper, the aim is to develop a system for risk assessment of potential Zero Day attacks before their occurrence. Due to their unpredictable nature, their prevention and stopping them from occurrence is much more difficult than the known ones and also impossible in some cases. As a result, exploiting such vulnerabilities may cause irreparable pecuniary loss and outrage. So, developing such preventive security mechanisms for zero day attacks is vital for maintaining national, economic and military assets. Developing a preventive system for risk assessment of zero day attacks to perform minimum cost network hardening is inevitable. Here we are going to develop a security based model for risk assessment of probable zero day attacks. The output of the framework will be the risk of possible zero day attacks that will be useful for the network administrator to perform minimum cost network hardening. This is noticeable because, trying to prevent the most risky zero day attacks decreases their fatal effects.