The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay

Feutrill, Andrew; Ranathunga, Dinesha; Yarom, Yuval; Roughan, Matthew

doi:10.1109/candar.2018.00009

Cited by 33 publications

(16 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Common Vulnerability Scoring System (CVSS) [9] brings together practices, standards and guidelines useful in the industry. CVSS helps determine the severity and specifications of vulnerability by converting a qualitative input to a digital output.…”

Section: Risk Assessment Methodologiesmentioning

confidence: 99%

Security Risk Assessment for Internet Of Things based Forest Fires Detection System

2020

IJATCSE

View full text Add to dashboard Cite

The Internet of Things (IoT) refers to all physical devices or objects that receive and transfer data over wireless networks, without human intervention. Actually, various applications have adapted IoT technology. Among this application is the IoT-Forest Fires Detection System, which aims to provide 24/7 forest fire monitoring and detection. So, the adaptation of IoT technology poses new security challenges, which make Forest Fires Detection System being insecure and extremely vulnerable to different types of security attacks. Therefore, it is necessary to develop a complete vision of the security status of Forest Fires Detection System by identifying the possible security risks. In this context, this article applies the (OCTAVE) Operationally Critical Threat, Asset, and Vulnerability Evaluation methodology, to specify the security risks, to highlight the various security vulnerabilities and to propose adequate countermeasures to mitigating the identified risks. Hence, we can use the research result for developing the security policy and the security requirements of Fires Detection System.

show abstract

Section: Risk Assessment Methodologiesmentioning

confidence: 99%

Security Risk Assessment for Internet Of Things based Forest Fires Detection System

2020

IJATCSE

View full text Add to dashboard Cite

show abstract

“…We select fastText proposed by Joulin et al [23,24] to train a neural language model, and its classification results or the sum of word representations will be combined with other features as input to the final prediction model. For short texts related to vulnerabilities, using fas-tText classification model can often achieve good results.…”

Section: Text Featurementioning

confidence: 99%

“…Since the aim is to identify blogs that describe exploited vulnerabilities, we use the fas-tEmbed model to implement 5-fold cross-validation on limited data. The fastEmbed model learns the embeddings of character n-grams and represents every word as a sum of the n-gram vectors [24]. Then we average all the word vectors in a blog as the feature of LightGBM classifier.…”

Section: Security Blogsmentioning

confidence: 99%

“…To address these challenges, we describe an integrated model, which uses a neural network model [23,24] to embed vulnerability-related text to derive the inherent meaning of the text. Then the classification results derived by the text embedding model or text embedding are combined with other features to predict the exploitation of vulnerabilities by applying LightGBM algorithm [25] on unbalanced data.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

FastEmbed: Predicting vulnerability exploitation possibility based on ensemble machine learning algorithm

et al. 2020

View full text Add to dashboard Cite

In recent years, the number of vulnerabilities discovered and publicly disclosed has shown a sharp upward trend. However, the value of exploitation of vulnerabilities varies for attackers, considering that only a small fraction of vulnerabilities are exploited. Therefore, the realization of quick exclusion of the non-exploitable vulnerabilities and optimal patch prioritization on limited resources has become imperative for organizations. Recent works using machine learning techniques predict exploited vulnerabilities by extracting features from open-source intelligence (OSINT). However, in the face of explosive growth of vulnerability information, there is room for improvement in the application of past methods to multiple threat intelligence. A more general method is needed to deal with various threat intelligence sources. Moreover, in previous methods, traditional text processing methods were used to deal with vulnerability related descriptions, which only grasped the static statistical characteristics but ignored the context and the meaning of the words of the text. To address these challenges, we propose an exploit prediction model, which is based on a combination of fastText and LightGBM algorithm and called fastEmbed. We replicate key portions of the state-of-the-art work of exploit prediction and use them as benchmark models. Our model outperforms the baseline model whether in terms of the generalization ability or the prediction ability without temporal intermixing with an average overall improvement of 6.283% by learning the embedding of vulnerability-related text on extremely imbalanced data sets. Besides, in terms of predicting the exploits in the wild, our model also outperforms the baseline model with an F1 measure of 0.586 on the minority class (33.577% improvement over the work using features from darkweb/deepweb). The results demonstrate that the model can improve the ability to describe the exploitability of vulnerabilities and predict exploits in the wild effectively.

show abstract

“…Calculating the Utility. According to Richard [27], common vulnerability [28] and the database of attack-anddefense behaviors from MIT [29], attack strategies that are composed of basic options are listed in Table 2.…”

Section: 2mentioning

confidence: 99%

A Novel Attack-and-Defense Signaling Game for Optimal Deceptive Defense Strategy Choice

Zhang

Guo

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Increasingly, more administrators (defenders) are using defense strategies with deception such as honeypots to improve the IoT network security in response to attacks. Using game theory, the signaling game is leveraged to describe the confrontation between attacks and defenses. However, the traditional approach focuses only on the defender; the analysis from the attacker side is ignored. Moreover, insufficient analysis has been conducted on the optimal defense strategy with deception when the model is established with the signaling game. In our work, the signaling game model is extended to a novel two-way signaling game model to describe the game from the perspectives of both the defender and the attacker. First, the improved model is formally defined, and an algorithm is proposed for identifying the refined Bayesian equilibrium. Then, according to the calculated benefits, optimal strategies choice for both the attacker and the defender in the game are analyzed. Last, a simulation is conducted to evaluate the performance of the proposed model and to demonstrate that the defense strategy with deception is optimal for the defender.

show abstract

The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay

Cited by 33 publications

References 8 publications

Security Risk Assessment for Internet Of Things based Forest Fires Detection System

Security Risk Assessment for Internet Of Things based Forest Fires Detection System

FastEmbed: Predicting vulnerability exploitation possibility based on ensemble machine learning algorithm

A Novel Attack-and-Defense Signaling Game for Optimal Deceptive Defense Strategy Choice

Contact Info

Product

Resources

About