A New Vulnerability Reporting Framework for Software Vulnerability Databases

Kekül, Hakan; Ergen, Burhan; Arslan, Halil

doi:10.5815/ijeme.2021.03.02

Cited by 6 publications

(5 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The vulnerability framework proposed in [26] can't detect the vulnerable big data applications submitted by the users of the big data cluster. It needs for new approaches to detect the flaws by processing these vulnerable big data apps and its logs.…”

Section: Related Workmentioning

confidence: 99%

Detection of Unknown Insider Attack on Components of Big Data System: A Smart System Application for Big Data Cluster

Sabatier¹,

Saha²,

Goswami³

2022

IJCNIS

View full text Add to dashboard Cite

Big data applications running on a big data cluster, creates a set of process on different nodes and exchange data via regular network protocols. The nodes of the cluster may receive some new type of attack or unpredictable internal attack from those applications submitted by client. As the applications are allowed to run on the cluster, it may acquire multiple node resources so that the whole cluster becomes slow or unavailable to other clients. Detection of these new types of attacks is not possible using traditional methods. The cumulative network traffic of the nodes must be analyzed to detect such attacks. This work presents an efficient testbed for internal attack generation, data set creation, and attack detection in the cluster. This work also finds the nodes under attack. A new insider attack named BUSY YARN Attack has been identified and analyzed in this work. The framework can be used to recognize similar insider attacks of type DOS where target node(s) in the cluster is unpredictable.

show abstract

Section: Related Workmentioning

confidence: 99%

Detection of Unknown Insider Attack on Components of Big Data System: A Smart System Application for Big Data Cluster

Sabatier¹,

Saha²,

Goswami³

2022

IJCNIS

View full text Add to dashboard Cite

show abstract

“…Various proposed "ontological techniques" are considered, as well as comprehensive analysis of various models to ensure the safety of the cloud environment [4][5][6][7]. Much work has been done to identify and analyze software vulnerabilities, methods for reporting and classifying software security vulnerabilities [8][9][10][11][12]. Specific features of information protection focus on existing methods of localization of anomalies and current hazards in networks, statistical methods are considered as effective methods of detecting anomalies and experimental detection of the chosen method, methods of capturing and analyzing network traffic during passive monitoring of network segment [13][14][15][16][17][18].…”

Section: Related Workmentioning

confidence: 99%

Risk Forecasting of Data Confidentiality Breach Using Linear Regression Algorithm

Korystin¹,

Nataliia²,

Митина³

2022

IJCNIS

View full text Add to dashboard Cite

The paper focuses on the study of cyber security in Ukraine and creation of a predictive model for reducing the risk of identified cyber threats. Forecasting is performed using a linear regression model, taking into account the optimal dependence of specific threats in the field of cyber security of Ukraine on variables characterizing capabilities / vulnerabilities of cyber security. An unique empirical base was used for the analysis, which was formed on the basis of an expert survey of the cyber security system’s subjects in Ukraine. In order to increase the representativeness of the research, based on the selection of reliable expert population, data cleaning is provided. Methodological research is based on a risk-oriented approach, which provided a risk assessment of the spread of cyber threats and, on this basis, the determination of capabilities / vulnerabilities of the cyber security system in Ukraine. The value of the research is formed not only by assessing the risks of the spread of cyber threats, but by a more in-depth analysis of the dependence of the cyber threats’ level on the vulnerability of the cyber security system based on the search for optimal and statistically significant relationships. The experiment was conducted on the basis of determining the optimal model for forecasting the risk of the spread of one of the most significant threats in Ukraine – data confidentiality breach (54.67%), depending on the variables that characterize the capabilities / vulnerabilities of the cyber security system in Ukraine. The experiment showed that the optimal model emphasizes the predictors characterizing the vulnerability of the organizational cyber security system – "Departmental level of cybersecurity monitoring" and capabilities: "The level of use of risk management approaches at the operational level" and "The level of methodological support for cybersecurity of the critical infrastructure system".

show abstract

“…The main task of NVD staff is to analyze the vulnerability lists published in the CVE dictionary. At this stage, they use all the additional data they can collect the explanations and references found in the CVE [20,21]. As a basis for the data published in the NVD database, associated impact metrics (Common Vulnerability Scoring System -CVSS), vulnerability types (Common Vulnerability Enumeration -CWE), applicability statements (Common Platform Enumeration -CPE) and other relevant metadata are added.…”

Section: Database Usedmentioning

confidence: 99%

Estimating Missing Security Vectors in NVD Database Security Reports

KEKÜL¹,

Ergen²,

Arslan³

2022

IJEM

View full text Add to dashboard Cite

Detection and analysis of software vulnerabilities is a very important consideration. For this reason, software security vulnerabilities that have been identified for many years are listed and tried to be classified. Today, this process, performed manually by experts, takes time and is costly. Many methods have been proposed for the reporting and classification of software security vulnerabilities. Today, for this purpose, the Common Vulnerability Scoring System is officially used. The scoring system is constantly updated to cover the different security vulnerabilities included in the system, along with the changing security perception and newly developed technologies. Different versions of the scoring system are used with vulnerability reports. In order to add new versions of the published scoring system to the old vulnerability reports, all analyzes must be done manually backwards in accordance with the new security framework. This is a situation that requires a lot of resources, time and expert skill. For this reason, there are large deficiencies in the values of vulnerability scoring systems in the database. The aim of this study is to estimate missing security metrics of vulnerability reports using natural language processing and machine learning algorithms. For this purpose, a model using term frequency inverse document frequency and K-Nearest Neighbors algorithms is proposed. In addition, the obtained data was presented to the use of researchers as a new database. The results obtained are quite promising. A publicly available database was chosen as the data set that all researchers accepted as a reference. This approach facilitates the evaluation and analysis of our model. This study was performed with the largest dataset size available from this database to the best of our knowledge and is one of the limited studies on the latest version of the official scoring system published for classification of software security vulnerabilities. Due to the mentioned issues, our study is a comprehensive and original study in the field.

show abstract

A New Vulnerability Reporting Framework for Software Vulnerability Databases

Cited by 6 publications

References 12 publications

Detection of Unknown Insider Attack on Components of Big Data System: A Smart System Application for Big Data Cluster

Detection of Unknown Insider Attack on Components of Big Data System: A Smart System Application for Big Data Cluster

Risk Forecasting of Data Confidentiality Breach Using Linear Regression Algorithm

Estimating Missing Security Vectors in NVD Database Security Reports

Contact Info

Product

Resources

About