A Survey on Data-driven Software Vulnerability Assessment and Prioritization

被引:22
|
作者
Le, Triet H. M. [1 ]
Chen, Huaming [1 ]
Babar, M. Ali [1 ,2 ]
机构
[1] Univ Adelaide, CREST Ctr Res Engn Software Technol, Adelaide, SA, Australia
[2] Cyber Secur Cooperat Res Ctr, Joondalup, Australia
来源
ACM COMPUTING SURVEYS | 2023年 / 55卷 / 05期
关键词
Software vulnerability; Vulnerability assessment and prioritization; NEURAL-NETWORKS; SEVERITY; CLASSIFICATION; FRAMEWORK; PATTERNS; TIME;
D O I
10.1145/3529757
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV mitigation plans based on various SV characteristics. The surges in SV data sources and data-driven techniques such as Machine Learning and Deep Learning have taken SV assessment and prioritization to the next level. Our survey provides a taxonomy of the past research efforts and highlights the best practices for data-driven SV assessment and prioritization. We also discuss the current limitations and propose potential solutions to address such issues.
引用
收藏
页数:39
相关论文
共 50 条
  • [21] A Survey on Data-Driven 3D Shape Descriptors
    Rostami, R.
    Bashiri, F. S.
    Rostami, B.
    Yu, Z.
    COMPUTER GRAPHICS FORUM, 2019, 38 (01) : 356 - 393
  • [22] Digital Restoration of Cultural Heritage With Data-Driven Computing: A Survey
    Basu, Arkaprabha
    Paul, Sandip
    Ghosh, Sreeya
    Das, Swagatam
    Chanda, Bhabatosh
    Bhagvati, Chakravarthy
    Snasel, Vaclav
    IEEE ACCESS, 2023, 11 : 53939 - 53977
  • [23] Data-Driven Microstructure Property Relations
    Lissner, Julian
    Fritzen, Elix
    MATHEMATICAL AND COMPUTATIONAL APPLICATIONS, 2019, 24 (02)
  • [24] Data-Driven Supervised Learning for Life Science Data
    Muench, Maximilian
    Raab, Christoph
    Biehl, Michael
    Schleif, Frank-Michael
    FRONTIERS IN APPLIED MATHEMATICS AND STATISTICS, 2020, 6
  • [25] Assessment of data-driven modeling approaches for chromatographic separation processes
    Michalopoulou, Foteini
    Papathanasiou, Maria M.
    AICHE JOURNAL, 2024, 70 (12)
  • [26] Reducing Uncertainty in the American Community Survey through Data-Driven Regionalization
    Spielman, Seth E.
    Folch, David C.
    PLOS ONE, 2015, 10 (02):
  • [27] Bias in data-driven artificial intelligence systems-An introductory survey
    Ntoutsi, Eirini
    Fafalios, Pavlos
    Gadiraju, Ujwal
    Iosifidis, Vasileios
    Nejdl, Wolfgang
    Vidal, Maria-Esther
    Ruggieri, Salvatore
    Turini, Franco
    Papadopoulos, Symeon
    Krasanakis, Emmanouil
    Kompatsiaris, Ioannis
    Kinder-Kurlanda, Katharina
    Wagner, Claudia
    Karimi, Fariba
    Fernandez, Miriam
    Alani, Harith
    Berendt, Bettina
    Kruegel, Tina
    Heinze, Christian
    Broelemann, Klaus
    Kasneci, Gjergji
    Tiropanis, Thanassis
    Staab, Steffen
    WILEY INTERDISCIPLINARY REVIEWS-DATA MINING AND KNOWLEDGE DISCOVERY, 2020, 10 (03)
  • [28] Artificial intelligence-based data-driven prognostics in industry: A survey
    El-Brawany, Mohamed A.
    Ibrahim, Dina Adel
    Elminir, Hamdy K.
    Elattar, Hatem M.
    Ramadan, E. A.
    COMPUTERS & INDUSTRIAL ENGINEERING, 2023, 184
  • [29] Survey of software vulnerability detection techniques
    School of Computer Science and Engineering, Beihang University, Beijing
    100191, China
    不详
    410073, China
    Jisuanji Xuebao, 4 (717-732): : 717 - 732
  • [30] Software Vulnerability Detection Using Deep Neural Networks: A Survey
    Lin, Guanjun
    Wen, Sheng
    Han, Qing-Long
    Zhang, Jun
    Xiang, Yang
    PROCEEDINGS OF THE IEEE, 2020, 108 (10) : 1825 - 1848
12345