Predicting the Discovery Pattern of Publically Known Exploited Vulnerabilities
نویسندگان
چکیده
Vulnerabilities with publically known exploits typically form 2-7% of all vulnerabilities reported for a given software version. With smaller number exploited compared the total vulnerabilities, it is more difficult to model and predict when vulnerability exploit will be reported. In this paper, we introduce an approach predicting discovery pattern using software. Eight commonly used models (VDMs) one neural network (NNM) were utilized evaluate prediction capability our approach. We their predictions results scenario only prediction. Our show that, in terms accuracy, out eight analyzed, led accurate seven cases. Only case, accuracy was worse by 1.6%.
منابع مشابه
BREWING UP TROUBLE: Analyzing Four Widely Exploited Java Vulnerabilities
Figure 1 shows the detection prevalence of CVEs exploited in the wild. Judging from the frequency of exploited vulnerabilities, Java Runtime Environment (JRE 7) appears to be the most frequently exploited platform. Introduction Java is widely used by developers—so much so that many applications and websites do not run properly without Java installed in users' systems. This widespread adoption m...
متن کاملAutomatic Discovery of API-Level Vulnerabilities
A system is vulnerable to an API-level attack if its security can be compromised by invoking an allowed sequence of operations from its API. We present a formal framework to model and analyze APIs, and develop an automatic technique based upon bounded model checking to discover API-level vulnerabilities. If a vulnerability exists, our technique produces a trace of API operations demonstrating a...
متن کاملFormal Reasoning of Various Categories of Widely Exploited Security Vulnerabilities by Pointer Taintedness Semantics
This paper is motivated by a low level analysis of various categories of severe security vulnerabilities, which indicates that a common characteristic of many classes of vulnerabilities is pointer taintedness. A pointer is said to be tainted if a user input can directly or indirectly be used as a pointer value. In order to reason about pointer taintedness, a memory model is needed. The main con...
متن کاملPredicting Creditworthiness With Publically Observable Characteristics: Evidence From ASCRAs and RoSCAs in the Gambia
While informal finance flourishes in Africa, formal finance flounders. This is especially true for poorer households. This paper investigates whether publicly observable characteristics help predict which households get access to informal finance and which do not. It also examines whether Accumulating Savings and Credit Associations (ASCRAs) reach poorer borrowers than do Rotating Savings and C...
متن کاملSearch in a Known Pattern
In this paper a market where a buyer (job seeker) is searching in a known order among sellers (e.g. a motorist driving along a road looking for gasoline) is described. Both sellers and buyers are assumed to behave strategically. There are many types of buyers. The sellers know only the distribution of all possible buyers; similarly, buyers have imperfect information about sellers. The analysis ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Transactions on Dependable and Secure Computing
سال: 2021
ISSN: ['1941-0018', '1545-5971', '2160-9209']
DOI: https://doi.org/10.1109/tdsc.2020.3014872