City Research Online

Cluster-based Vulnerability Assessment Applied to Operating Systems

Movahedi, Y., Cukier, M., Andongabo, A. and Gashi, I. (2017). Cluster-based Vulnerability Assessment Applied to Operating Systems. Paper presented at the 13th European Dependable Computing Conference, 4-8 Sep 2017, Geneva, Switzerland.

Abstract

Organizations face the issue of how to best allocate their security resources. Thus, they need an accurate method for assessing how many new vulnerabilities will be reported for the operating systems (OSs) they use in a given time period. Our approach consists of clustering vulnerabilities by leveraging the text information within vulnerability records, and then simulating the mean value function of vulnerabilities by relaxing the monotonic intensity function assumption, which is prevalent among the studies that use software reliability models (SRMs) and nonhomogeneous Poisson process (NHPP) in modeling. We applied our approach to the vulnerabilities of four OSs: Windows, Mac, IOS, and Linux. For the OSs analyzed in terms of curve fitting and prediction capability, our results, compared to a power-law model without clustering issued from a family of SRMs, are more accurate in all cases we analyzed.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Publisher Keywords: Vulnerability assessment, Nonhomogeneous Poisson process, Clustering, Software reliability models
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: School of Mathematics, Computer Science & Engineering > Computer Science > Software Reliability
URI: http://openaccess.city.ac.uk/id/eprint/17585
[img]
Preview
Text - Accepted Version
Download (368kB) | Preview

Export

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login