Security Trend Analysis with CVE Topic Models
| dc.contributor.author | Neuhaus, Stephan | eng |
| dc.contributor.author | Zimmermann, Thomas | eng |
| dc.date.accessioned | 2010-08-13T16:35:56Z | |
| dc.date.available | 2010-08-13T16:35:56Z | |
| dc.date.issued | 2010-08-13T16:35:56Z | |
| dc.description.abstract | We study the vulnerability reports in the Common Vulnerability and Exposures (CVE) database by using topic models on their description texts to find prevalent vulnerability types and new trends semi-automatically. In our study of the 39,393 unique CVEs until the end of 2009, we identify the following trends, given here in the form of a weather forecast: PHP: declining, with occasional SQL injection. Buffer Overflows: flattening out after decline. Format Strings: in steep decline. SQL Injection and XSS: remaining strong, and rising. Cross-Site Request Forgery: a sleeping giant perhaps, stirring. Application Servers: rising steeply. | eng |
| dc.description.refereed | No | eng |
| dc.identifier.department | 2010-970-19 | eng |
| dc.identifier.doi | http://dx.doi.org/10.11575/PRISM/31260 | |
| dc.identifier.uri | http://hdl.handle.net/1880/48066 | |
| dc.language.iso | eng | eng |
| dc.publisher.corporate | University of Calgary | eng |
| dc.publisher.faculty | Science | eng |
| dc.subject | Security | eng |
| dc.subject.other | Security, trends, machine learning | eng |
| dc.title | Security Trend Analysis with CVE Topic Models | eng |
| dc.type | technical report | eng |
| thesis.degree.discipline | Computer Science | eng |
Files
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 1.86 KB
- Format:
- Item-specific license agreed upon to submission
- Description: