Predicting Severity of Software Vulnerability Based on Grey System Theory

被引:2
作者
Geng, Jinkun [1 ]
Ye, Daren [1 ]
Luo, Ping [2 ]
机构
[1] Beihang Univ, Sch Software, Beijing 100191, Peoples R China
[2] Tsinghua Univ, Sch Software, Tsinghua Natl Lab Informat Sci & Technol TNlist, Key Lab Informat Syst Secur,Minist Educ, Beijing 100084, Peoples R China
来源
ALGORITHMS AND ARCHITECTURES FOR PARALLEL PROCESSING, ICA3PP 2015 | 2015年 / 9532卷
关键词
Vulnerability; Software security; Severity; Prediction; Grey system theory;
D O I
10.1007/978-3-319-27161-3_13
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Vulnerabilities usually represents the risk level of software, therefore, it is of high value to predict vulnerabilities so as to evaluate the security level of software. Current researches mainly focus on predicting the number of vulnerabilities or the occurrence time of vulnerabilities, however, to our best knowledge, there are no other researches focusing on the prediction of vulnerabilities' severity, which we think is an important aspect reflecting vulnerabilities and software security. To compensate for this deficiency, we propose a novel method based on grey system theory to predict the severity of vulnerabilities. The experiment is carried on the real data collected from CVE and proves the feasibility of our predicting method.
引用
收藏
页码:143 / 152
页数:10
相关论文
共 26 条
[1]   Quantitative vulnerability assessment of systems software [J].
Alhazmi, OH ;
Malaiya, YK .
ANNUAL RELIABILITY AND MAINTAINABILITY SYMPOSIUM, 2005 PROCEEDINGS, 2005, :615-620
[2]  
Alhazmi OH, 2006, P REL MAINT S, P86
[3]  
[Anonymous], 2014, IEEE T SOFTWARE ENG, V40, P1
[4]  
Bauer L, 2005, LECT NOTES COMPUT SC, V3650, P431
[5]   Forecasting of foreign exchange rates of Taiwan's major trading partners by novel nonlinear Grey Bernoulli model NGBM(1,1) [J].
Chen, Chun-I ;
Chen, Hong Long ;
Chen, Shuo-Pei .
COMMUNICATIONS IN NONLINEAR SCIENCE AND NUMERICAL SIMULATION, 2008, 13 (06) :1194-1204
[6]  
Deng Julong, 1989, Journal of Grey Systems, V1, P1
[7]  
Gürbuz HG, 2014, LECT NOTES COMPUT SC, V8769, P64, DOI 10.1007/978-3-319-11743-0_5
[8]   Forecasting the annual electricity consumption of Turkey using an optimized grey model [J].
Hamzacebi, Coskun ;
Es, Huseyin Avni .
ENERGY, 2014, 70 :165-171
[9]   SSRGM: Software Strong Reliability Growth Model Based on Failure Loss [J].
Huang Yafang ;
Liu Yanzhao ;
Luo Ping .
2012 FIFTH INTERNATIONAL SYMPOSIUM ON PARALLEL ARCHITECTURES, ALGORITHMS AND PROGRAMMING (PAAP), 2012, :255-261
[10]   Forecasting of municipal solid waste quantity in a developing country using multivariate grey models [J].
Intharathirat, Rotchana ;
Salam, P. Abdul ;
Kumar, S. ;
Untong, Akarapong .
WASTE MANAGEMENT, 2015, 39 :3-14
123