Common vulnerability scoring system prediction based on open source intelligence information sources

Küehn, Philipp; N., Relke, David; Reuter, Christian

doi:10.1016/j.cose.2023.103286

Cited by 17 publications

(1 citation statement)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the analyzed papers, the authors cover only one approach to the automated vulnerability assessment, based on the NLP of the vulnerability descriptions. Such a method is proposed in [51], where the authors categorize vulnerabilities based on their summaries using a taxonomy modeled for industry, and in [52], where the authors use machine learning based on the textual descriptions of the vulnerabilities to predict their CVSS vectors or scores. We assume that the approach based on the source code analysis will allow providing objective and explainable vulnerability and exploit metrics.…”

Section: Resultsmentioning

confidence: 99%

An Analytical Review of the Source Code Models for Exploit Analysis

Fedorchenko,

Novikova,

Fedorchenko

et al. 2023

Information

View full text Add to dashboard Cite

Currently, enhancing the efficiency of vulnerability detection and assessment remains relevant. We investigate a new approach for the detection of vulnerabilities that can be used in cyber attacks and assess their severity for further effective responses based on an analysis of exploit source codes and real-time detection of features of their implementation. The key element of this approach is an exploit source code model. In this paper, to specify the model, we systematically analyze existing source code models, approaches to source code analysis in general, and exploits in particular in order to examine their advantages, applications, and challenges. Finally, we provide an initial specification of the proposed source code model.

show abstract

Section: Resultsmentioning

confidence: 99%