Time series forecast modeling of vulnerabilities in the android operating system using ARIMA and deep learning methods

Security vulnerability prediction models allow estimation of the number of potential vulnerabilities and evaluation of the risks caused by these vulnerabilities. In particular, for modeling the vulnerabilities that may occur in software versions over time, it is appropriate to take the necessary countermeasures. These models are crucial in areas such as determining the number of resources required to cope with security vulnerabilities. These reported vulnerabilities, we anticipate the actions of OS companies to make strategic and operational decisions such as secure deployment. The operating system includes backup provisioning, disaster recovery. Although many vulnerability predictions models have been constructed, most of these are for operating systems and internet browsers, and non-exist for the Android mobile operating system, which has the highest number of users. In contrast to other studies, the present study investigated Android vulnerabilities that directly depend on time. Time series, multilayer perceptron (MLP), convolutional neural network (CNN), long short term memory (LSTM), Convolutional LSTM (ConvLSTM) and CNN-LSTM based models were generated, and the best model, providing the lowest error rates for the prediction of future security vulnerabilities, was selected. Data for the creation of the models were obtained by filtering security vulnerabilities published in the National Vulnerability Database (NVD) using the keyword Android. It was observed that the LSTM model has an error rate of 26.830 and the ARIMA model has an error rate of 18.449. Finally, it has been determined that LSTM based algorithms reach error rates that can compete with classical time series models despite limited data.