Threat analyses using vulnerability databases —Possibility of utilizing past analysis results—

The identification of vulnerabilities is a continuous challenge in software projects. This is due to the evolution of methods that attackers employ as well as the constant updates to the software, which reveal additional issues. As a result, new and innovative approaches for the identification of vulnerable software are needed. In this paper, we present VULNERLIZER, which is a novel framework for cross-analysis between vulnerabilities and software libraries. It uses CVE (Common Vulnerabilities and Exposures) and software library data together with clustering algorithms to generate links between vulnerabilities and libraries. In addition, the training of the model is conducted in order to reevaluate the generated associations. This is achieved by updating the assigned weights. Finally, the approach is evaluated by making the predictions using the CVE data from the test set. The results show a great potential of the approach in predicting future vulnerable libraries based on an initial input CVE entry or a software library. The trained model reaches a prediction accuracy of 75% or higher.

show abstract

“…Umezawa et al [13] proposed a threat analysis approach that uses data from vulnerability databases as well as system design information.…”

Section: Matching Approachesmentioning

confidence: 99%

VULNERLIZER: Cross-analysis Between Vulnerabilities and Software Libraries

Pekaric

Felderer

Steinmüller³

2021

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…To perform vulnerability assessment, cyber defenders can either manually obtain and process information about the discovered computer security vulnerabilities from the publicly available vulnerability databases (VDBs) [3][4][5] such as NVD, Common Vulnerabilities And Exposures (CVE), Open Source Vulnerability Database (OSVDB), etc. or use vulnerability scanning tools [6][7][8].…”

Section: Introductionmentioning

confidence: 99%

Dynamic Risk Assessment and Analysis Framework for Large-Scale Cyber-Physical Systems

Malik¹,

Tosh²

2018

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Cyberspace is growing at full tilt creating an amalgamation of disparate systems. This heterogeneity leads to increased system complexity and security flaws. It is crucial to understand and identify these flaws to prevent catastrophic events. However, the current state-of-the-art solutions are threat-specific and focus on either risk, vulnerabilities, or adversary emulation. In this work, we present a scalable Cyber-threats and Vulnerability Information Analyzer (CyVIA) framework. CyVIA analyzes cyber risks and abnormalities in real-time using multi-formatted knowledge bases derived from open-source vulnerability databases. CyVIA achieves the following goals: 1) assess the target network for risk and vulnerabilities, 2) map services and policies to network nodes, 3) classify nodes based on severity, and 4) provide consequences, mitigation, and relationships for the found vulnerabilities. We use CyVIA and other tools to examine a simulated network for threats and compare the results.

show abstract