Please use this identifier to cite or link to this item:
Title: Security Trend Analysis with CVE Topic Models
Authors: Neuhaus, Stephan
Zimmermann, Thomas
Keywords: Security
Issue Date: 13-Aug-2010
Abstract: We study the vulnerability reports in the Common Vulnerability and Exposures (CVE) database by using topic models on their description texts to find prevalent vulnerability types and new trends semi-automatically. In our study of the 39,393 unique CVEs until the end of 2009, we identify the following trends, given here in the form of a weather forecast: PHP: declining, with occasional SQL injection. Buffer Overflows: flattening out after decline. Format Strings: in steep decline. SQL Injection and XSS: remaining strong, and rising. Cross-Site Request Forgery: a sleeping giant perhaps, stirring. Application Servers: rising steeply.
Appears in Collections:Zimmermann, Thomas

Files in This Item:
File Description SizeFormat 
2010-970-19.pdf808.19 kBAdobe PDFView/Open
2010_970_19_ZIP.zip12.6 MBUnknownView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.