12 May 2016 A preliminary analysis of quantifying computer security vulnerability data in "the wild"
A system of computers, networks and software has some level of vulnerability exposure that puts it at risk from criminal hackers. Presently, most vulnerability research uses data from software vendors and the National Vulnerability Database (NVD). We propose an alternative path forward through grounding our analysis in data from the operational information security community, i.e., vulnerability data from "the wild". In this paper, we propose a vulnerability data parsing algorithm and an in-depth univariate and multivariate analysis of the vulnerability arrival and deletion process (also referred to as the vulnerability birth-death process). We find that vulnerability arrivals are best characterized by the log-normal distribution and vulnerability deletions are best characterized by the exponential distribution. These distributions can serve as prior probabilities for future Bayesian analysis. We also find that over 22% of the deleted vulnerability data have a rate of zero, and that the arrival vulnerability data is always greater than zero. Finally, we quantify and visualize the dependencies between vulnerability arrivals and deletions through a bivariate scatterplot and statistical observations.
© (2016) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Katheryn A. Farris, Sean R. McNamara, Adam Goldstein, George Cybenko, "A preliminary analysis of quantifying computer security vulnerability data in "the wild"", Proc. SPIE 9825, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security, Defense, and Law Enforcement Applications XV, 98250T (12 May 2016); doi: 10.1117/12.2230589; https://doi.org/10.1117/12.2230589

