2017
DOI: 10.1109/access.2017.2769063
|View full text |Cite
|
Sign up to set email alerts
|

Predicting Exploitations of Information Systems Vulnerabilities Through Attackers’ Characteristics

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
12
0

Year Published

2018
2018
2024
2024

Publication Types

Select...
5
2
2

Relationship

0
9

Authors

Journals

citations
Cited by 16 publications
(12 citation statements)
references
References 21 publications
0
12
0
Order By: Relevance
“…Papers such as [18], by Houmb et al, use CVSS to predict the frequency and impact of failures from a risk management perspective. Dobrovoljc et al [12] suggest an improvement over CVSS that explicitly includes the features of perceived attackers who may be able to exploit a vulnerability. Similarly, Wang et al [38], and Liu and Zhang [22] also suggest new scales by pointing our certain deficiencies in CVSS that restrict its usage in their contexts.…”
Section: Cvss Scalementioning
confidence: 99%
“…Papers such as [18], by Houmb et al, use CVSS to predict the frequency and impact of failures from a risk management perspective. Dobrovoljc et al [12] suggest an improvement over CVSS that explicitly includes the features of perceived attackers who may be able to exploit a vulnerability. Similarly, Wang et al [38], and Liu and Zhang [22] also suggest new scales by pointing our certain deficiencies in CVSS that restrict its usage in their contexts.…”
Section: Cvss Scalementioning
confidence: 99%
“…Fixing vulnerabilities requires a lot of effort, time, and resources [1,2]. The cybersecurity analysts in the CERT/CSIRT of the different organizations have an arduous task at the level of proactive services whose main objective is to prevent attacks before they happen [3]. Those responsible for security must also analyze what vulnerabilities affect IT assets.…”
Section: Introductionmentioning
confidence: 99%
“…However, the efficiency of this metric is affected by additional environment variables present in computer networks. Thus, by itself, it is not a good predictor of vulnerability exploitation and probability of occurrence [1][2][3]. Additionally, due to the large number of vulnerabilities that NVD contains and the amount of information for each exposure, it is essential to maintain an analysis with as many variables as possible [9].…”
Section: Introductionmentioning
confidence: 99%
“…Recent studies have used machine learning or deep learning to predict vulnerability exploitation [11][12][13][14][15]. Machine learning is divided into supervised learning to train with answer data and non-supervised learning to train without answer data.…”
Section: Introductionmentioning
confidence: 99%