A Survey on Data-driven Software Vulnerability Assessment and Prioritization

被引:22
|
作者
Le, Triet H. M. [1 ]
Chen, Huaming [1 ]
Babar, M. Ali [1 ,2 ]
机构
[1] Univ Adelaide, CREST Ctr Res Engn Software Technol, Adelaide, SA, Australia
[2] Cyber Secur Cooperat Res Ctr, Joondalup, Australia
来源
ACM COMPUTING SURVEYS | 2023年 / 55卷 / 05期
关键词
Software vulnerability; Vulnerability assessment and prioritization; NEURAL-NETWORKS; SEVERITY; CLASSIFICATION; FRAMEWORK; PATTERNS; TIME;
D O I
10.1145/3529757
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV mitigation plans based on various SV characteristics. The surges in SV data sources and data-driven techniques such as Machine Learning and Deep Learning have taken SV assessment and prioritization to the next level. Our survey provides a taxonomy of the past research efforts and highlights the best practices for data-driven SV assessment and prioritization. We also discuss the current limitations and propose potential solutions to address such issues.
引用
收藏
页数:39
相关论文
共 50 条
  • [31] Data-Driven Fault Recovery With Software-Defined Smart Transmission Grids
    Fattahi, Javad
    IEEE ACCESS, 2024, 12 : 183354 - 183368
  • [32] Automatic software vulnerability assessment by extracting vulnerability elements
    Sun, Xiaobing
    Ye, Zhenlei
    Bo, Lili
    Wu, Xiaoxue
    Wei, Ying
    Zhang, Tao
    Li, Bin
    JOURNAL OF SYSTEMS AND SOFTWARE, 2023, 204
  • [33] A Data-Driven Solar Irradiance Forecasting Model with Minimum Data
    Lyu, Cheng
    Basumallik, Sagnik
    Eftekharnejad, Sara
    Xu, Chongfang
    2021 IEEE TEXAS POWER AND ENERGY CONFERENCE (TPEC), 2021, : 307 - 312
  • [34] The Evolution of Data-Driven Modeling in Organic Chemistry
    Williams, Wendy L.
    Zeng, Lingyu
    Gensch, Tobias
    Sigman, Matthew S.
    Doyle, Abigail G.
    Anslyn, Eric, V
    ACS CENTRAL SCIENCE, 2021, 7 (10) : 1622 - 1637
  • [35] Data-driven AI algorithms for construction machinery
    Liang, Ke
    Zhao, Jiahao
    Zhang, Zhiqing
    Guan, Wei
    Pan, Mingzhang
    Li, Mantian
    AUTOMATION IN CONSTRUCTION, 2024, 167
  • [36] Special issue: Informatics & data-driven medicine
    Izonin, Ivan
    Shakhovska, Nataliya
    MATHEMATICAL BIOSCIENCES AND ENGINEERING, 2021, 18 (05) : 6430 - 6433
  • [37] Data-driven probabilistic failure assessment curve based on similitude principle
    Li, Siyuan
    Gong, Baoming
    Dai, Lianshuang
    Deng, Caiyan
    Di, Xinjie
    INTERNATIONAL JOURNAL OF SOLIDS AND STRUCTURES, 2024, 295
  • [38] Assessment of occupational risks In Turkish manufacturing systems with data-driven models
    Mutlu, Nazli G.
    Altuntas, Serkan
    JOURNAL OF MANUFACTURING SYSTEMS, 2019, 53 : 169 - 182
  • [39] Data-driven Human Mobility Modeling: A Survey and Engineering Guidance for Mobile Networking
    Hess, Andrea
    Hummel, Karin Anna
    Gansterer, Wilfried N.
    Haring, Guenter
    ACM COMPUTING SURVEYS, 2015, 48 (03)
  • [40] Data-driven assessment framework of health cities for elderly individuals in China
    Wang, Qing
    Wu, Kuo-Jui
    Tseng, Ming-Lang
    Zong, Jingru
    Wang, Lingli
    Lu, Chunyu
    Bing, Yan
    SUSTAINABLE CITIES AND SOCIETY, 2022, 80
12345