Predicting Cyber Risks through National Vulnerability Database

نویسندگان

  • Su Zhang
  • Xinming Ou
  • Doina Caragea
چکیده

Su Zhang1, Xinming Ou2, and Doina Caragea3 1Cloud Platform Engineering, Symantec Corporation, Mountain View, California, USA 2Department of Computer Science and Engineering, University of South Florida, Tampa, Florida, USA 3Department of Computing and Information Sciences, Kansas State University, Manhattan, Kansas, USA ABSTRACT Software vulnerabilities are the major cause of cyber security problems. The National Vulnerability Database (NVD) is a public data source that maintains standardized information about reported software vulnerabilities. Since its inception in 1997, NVD has published information about more than 43,000 software vulnerabilities affecting more than 17,000 software applications. This information is potentially valuable in understanding trends and patterns in software vulnerabilities so that one can better manage the security of computer systems that are pestered by the ubiquitous software security flaws. In particular, one would like to be able to predict the likelihood that a piece of software contains a yet-to-be-discovered vulnerability, which must be taken into account in security management due to the increasing trend in zero-day attacks. We conducted an empirical study on applying data-mining techniques on NVD data with the objective of predicting the time to next vulnerability for a given software application. We experimented with various features constructed using the information available in NVD and applied various machine learning algorithms to examine the predictive power of the data. Our results show that the data in NVD generally have poor prediction capability, with the exception of a few vendors and software applications. We suggest possible reasons for why the NVD data have not produced a reasonable prediction model for time to next vulnerability with our current approach, and suggest alternative ways in which the data in NVD can be used for the purpose of risk estimation.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

IRS: An Issue Resolution System for Cyber Attack Classification and Management

Cyber-attacks have greatly increased over the years, where the attackers have strategically improved in devising attacks toward a specific target. In order to correctly classify cyber-attacks there is a considerable need to neatly organize a representation scheme that is useful in an application setting. The classification of cyber-attacks within knowledge bodies, such as Computer Emergency Rea...

متن کامل

Determining Risks from Advanced Multi-step Attacks to Critical Information Infrastructures

Industrial Control Systems (ICS) monitor and control industrial processes, and enable automation in industry facilities. Many of these facilities are regarded as Critical Infrastructures (CIs). Due to the increasing use of Commercial-Off-The-Shelf (COTS) IT products and connectivity offerings, CIs have become an attractive target for cyberattacks. A successful attack could have significant cons...

متن کامل

A Social Cyber Contract Theory Model for Understanding National Cyber Strategies

Today's increasing connectivity creates cyber risks at personal, organizational up to societal level. Societal cyber risks require mitigation by all kinds of actors where government should take the lead due to its responsibility to protect its citizens. Since no formal global governance exists, the governmental responsibility should start at the national level of every country. To achieve succe...

متن کامل

Linking Cybersecurity Knowledge: Cybersecurity Information Discovery Mechanism

To cope with increasing amount of cyber threats, organizations need to share cybersecurity information beyond the borders of organizations, countries, and even languages. Assorted organizations built repositories that store and provide XML-based cybersecurity information on the Internet. Among them are NVD [1], OSVDB [2], and JVN [3], and more cybersecurity information from various organization...

متن کامل

Cyber-sword v. cyber-shield: The Dynamics of US Cybersecurity Policy Priorities

Recent efforts to address cybersecurity risks have focused on leveraging the immense technical capacity of the American intelligence community to protect the nation’s information technology infrastructure, and to project power in a new domain. This creates a potential conflict of interest: the joint duties of breaking into foreign systems while securing our own raises questions about competing ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Information Security Journal: A Global Perspective

دوره 24  شماره 

صفحات  -

تاریخ انتشار 2015