摘要: Every day numerous new vulnerabilities and exploits are reported for a wide variety of different software configurations. There is big need to be able quickly assess associated risks sort out which that likely exploited in real-world attacks. A small percentage all account almost the observed attack volume. We use machine learning make automatic predictions unseen based on previous exploit patterns.
sci-hub.se 参考文章(9)
Kartik Nayak, Daniel Marino, Petros Efstathopoulos, Tudor Dumitraş, Some Vulnerabilities Are Different Than Others recent advances in intrusion detection. pp. 426- 446 ,(2014) , 10.1007/978-3-319-11379-1_21
Michel Edkrantz, Predicting Exploit Likelihood for Cyber Vulnerabilities with Machine Learning Chalmers University of Technology. ,(2015)
Tudor Dumitras, Carl Sabottke, Octavian Suciu, Vulnerability disclosure in the age of social media: exploiting twitter for predicting real-world exploits usenix security symposium. pp. 1041- 1056 ,(2015)
Mehran Bozorgi, Lawrence K. Saul, Stefan Savage, Geoffrey M. Voelker, Beyond heuristics: learning to classify vulnerabilities and predict exploits knowledge discovery and data mining. pp. 105- 114 ,(2010) , 10.1145/1835804.1835821
Stefan Frei, Martin May, Ulrich Fiedler, Bernhard Plattner, Large-scale vulnerability analysis Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense - LSAD '06. pp. 131- 138 ,(2006) , 10.1145/1162666.1162671
Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Andreas Müller, Joel Nothman, Gilles Louppe, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, Jake Vanderplas, Alexandre Passos, David Cournapeau, Matthieu Brucher, Matthieu Perrot, Édouard Duchesnay, Scikit-learn: Machine Learning in Python Journal of Machine Learning Research. ,vol. 12, pp. 2825- 2830 ,(2011)
Luca Allodi, Fabio Massacci, A preliminary analysis of vulnerability scores for attacks in wild Proceedings of the 2012 ACM Workshop on Building analysis datasets and gathering experience returns for security - BADGERS '12. pp. 17- 24 ,(2012) , 10.1145/2382416.2382427
Petros Efstathopoulos, Tudor Dumitras, Kartik Nayak, Daniel Marino, Some Vulnerabilities Are Different Than Others - Studying Vulnerabilities and Attack Surfaces in the Wild. recent advances in intrusion detection. pp. 426- 446 ,(2014)
Dominik Schatzmann, Brian Trammell, Stefan Frei, Bernhard Plattner, Modelling the Security Ecosystem- The Dynamics of (In)Security. WEIS. ,(2009)