DocumentCode
3666553
Title
Using historical software vulnerability data to forecast future vulnerabilities
Author
David Last
Author_Institution
Air Force Research Laboratory Information Directorate, RISB Rome, NY USA
fYear
2015
fDate
8/1/2015 12:00:00 AM
Firstpage
1
Lastpage
7
Abstract
The field of network and computer security is a never-ending race with attackers, trying to identify and patch software vulnerabilities before they can be exploited. In this ongoing conflict, it would be quite useful to be able to predict when and where the next software vulnerability would appear. The research presented in this paper is the first step towards a capability for forecasting vulnerability discovery rates for individual software packages. This first step involves creating forecast models for vulnerability rates at the global level, as well as the category (web browser, operating system, and video player) level. These models will later be used as a factor in the predictive models for individual software packages. A number of regression models are fit to historical vulnerability data from the National Vulnerability Database (NVD) to identify historical trends in vulnerability discovery. Then, k-NN classification is used in conjunction with several time series distance measurements to select the appropriate regression models for a forecast. 68% and 95% confidence bounds are generated around the actual forecast to provide a margin of error. Experimentation using this method on the NVD data demonstrates the accuracy of these forecasts, as well as the accuracy of the confidence bounds forecasts. Analysis of these results indicates which time series distance measures produce the best vulnerability discovery forecasts.
Keywords
"Predictive models","Training","Market research","Software packages","Accuracy","Time series analysis"
Publisher
ieee
Conference_Titel
Resilience Week (RWS), 2015
Type
conf
DOI
10.1109/RWEEK.2015.7287429
Filename
7287429
Link To Document