Better Not to Use Vulnerability’s Reference for Exploitability Prediction

Yang, Hee-dong; Park, Seungsoo; Yim, Kangbin; Lee, Manhee

doi:10.3390/app10072555

Cited by 16 publications

(6 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Few of the existing vulnerabilities are exploited by attackers [18]. This rate is about 20% of all software vulnerabilities [7]. This situation clearly shows us the advantage of being able to anticipate the deficits that merit focus.…”

Section: Introductionmentioning

confidence: 99%

“…CVE lists are used by many academic and empirical studies [5,6]. Half of the exploits that took place occurred within two weeks of posting the vulnerabilities [7]. This shows the importance of quickly analyzing security vulnerabilities and accurately determining their severity.…”

Section: Introductionmentioning

confidence: 99%

“…Although different systems have been proposed, the Common Vulnerability Scoring System (CVSS), which is officially used by NVD, has been accepted by all IT professionals and has become the standard in this field. The system, which is constantly updated, is currently available in 2.0 and 3.1 versions [7][8][9][10]. The main goal of CVSS is to create a common structure that accurately determines the seriousness and impact of security vulnerabilities [9].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Multiclass Approach to Estimating Software Vulnerability Severity Rating with Statistical and Word Embedding Methods

KEKÜL¹,

Ergen²,

Arslan³

2022

IJCNIS

View full text Add to dashboard Cite

The analysis and grading of software vulnerabilities is an important process that is done manually by experts today. For this reason, there are time delays, human errors, and excessive costs involved with the process. The final result of these software vulnerability reports created by experts is the calculation of a severity score and a severity rating. The severity rating is the first and foremost value of the software’s vulnerability. The vulnerabilities that can be exploited are only 20% of the total vulnerabilities. The vast majority of exploitations take place within the first two weeks. It is therefore imperative to determine the severity rating without time delays. Our proposed model uses statistical methods and deep learning-based word embedding methods from natural language processing techniques, and machine learning algorithms that perform multi-class classification. Bag of Words, Term Frequency Inverse Document Frequency and Ngram methods, which are statistical methods, were used for feature extraction. Word2Vec, Doc2Vec and Fasttext algorithms are included in the study for deep learning based Word embedding. In the classification stage, Naive Bayes, Decision Tree, K-Nearest Neighbors, Multi-Layer Perceptron, and Random Forest algorithms that can make multi-class classification were preferred. With this aspect, our model proposes a hybrid method. The database used is open to the public and is the most reliable data set in the field. The results obtained in our study are quite promising. By helping experts in this field, procedures will speed up. In addition, our study is one of the first studies containing the latest version of the data size and scoring systems it covers.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Multiclass Approach to Estimating Software Vulnerability Severity Rating with Statistical and Word Embedding Methods

KEKÜL¹,

Ergen²,

Arslan³

2022

IJCNIS

View full text Add to dashboard Cite

show abstract

“…Yang vd. (Yang et al 2020), istismar kodlarının yaklaşık yarısının güvenlik açığının ilanından iki hafta içerisinde kullanıldığı açıklamıştır. Bunun yanında ilan edilen açıların sadece %20'sinin istismara maruz kaldığı belirtilmektedir.…”

Section: Introductionunclassified

Yazılım Güvenlik Açığı Veri Tabanları

Kekül¹,

Ergen²,

Arslan³

2021

European Journal of Science and Technology

View full text Add to dashboard Cite

ÖzBir yazılım bileşeninin güvenlik açığı eğiliminin öngörülmesi, yazılım mühendisliğinin zorlayıcı araştırma alanlarından biridir. Bir bileşenin güvenlik açığı eğilimi hakkında önceden bilgi sahibi olmak, test çabasını ve süreyi önemli ölçüde azaltabilir. Yazılım güvenlik açıklarının belirlenmesi ve sınıflandırılması geliştiricilere yazılımın geliştirilmesinde doğru karar verme noktasında yardımcı olacaktır. Bu sebeple yazılımlarda tespit edilen açıklar çok uzun zamandır veri tabanlarına kaydedilmektedir. Farklı araştırma grupları tarafından pek çok veri tabanı oluşmuştur. Bu çeşitlilik her veri tabanına kendi içinde avantajlar ve dezavantajlar sağlamıştır. Bu çalışmada araştırmacıların çalışmalarında hangi veri tabanını kullanacaklarına karar vermelerine yardımcı olmak ve literatürde kullanılan en güncel ve erişime açık olanların sistematik bir listesi oluşturulmuştur. Yazılım güvenlik açığı tespiti ve sınıflandırmasında kullanan birçok farklı veri tabanının incelenmesi ve karşılaştırması yer almaktadır. Çalışmanın sonunda sonuçlar sunulmuş ve gelecekteki çalışmalar için yönlendirici tavsiyeler verilmiştir.

show abstract

“…Furthermore, due to the ongoing Covid-19 pandemic [1] and related increased use of internet services, the cybersecurity issues have the potential to affect a much larger, than in previous years, part of the human population. Consequently, the identification and prioritization of vulnerabilities becomes a critical issue for a company that offers internet services [1,2].…”

Section: Introductionmentioning

confidence: 99%

Efficient Algorithm for Providing Live Vulnerability Assessment in Corporate Network Environment

et al. 2020

View full text Add to dashboard Cite

The time gap between public announcement of a vulnerability—its detection and reporting to stakeholders—is an important factor for cybersecurity of corporate networks. A large delay preceding an elimination of a critical vulnerability presents a significant risk to the network security and increases the probability of a sustained damage. Thus, accelerating the process of vulnerability identification and prioritization helps to red the probability of a successful cyberattack. This work introduces a flexible system that collects information about all known vulnerabilities present in the system, gathers data from organizational inventory database, and finally integrates and processes all collected information. Thanks to application of parallel processing and non relational databases, the results of this process are available subject to a negligible delay. The subsequent vulnerability prioritization is performed automatically on the basis of the calculated CVSS 2.0 and 3.1 scores for all scanned assets. The environmental CVSS vector component is evaluated accurately thanks to the fact that the environmental data is imported directly from the organizational inventory database.

show abstract

Better Not to Use Vulnerability’s Reference for Exploitability Prediction

Cited by 16 publications

References 10 publications

A Multiclass Approach to Estimating Software Vulnerability Severity Rating with Statistical and Word Embedding Methods

A Multiclass Approach to Estimating Software Vulnerability Severity Rating with Statistical and Word Embedding Methods

Yazılım Güvenlik Açığı Veri Tabanları

Efficient Algorithm for Providing Live Vulnerability Assessment in Corporate Network Environment

Contact Info

Product

Resources

About