Bullough et al., 2017 - Google Patents
Predicting exploitation of disclosed software vulnerabilities using open-source dataBullough et al., 2017
View PDF- Document ID
- 1326519275299966725
- Author
- Bullough B
- Yanchenko A
- Smith C
- Zipkin J
- Publication year
- Publication venue
- Proceedings of the 3rd ACM on International Workshop on Security and Privacy Analytics
External Links
Snippet
Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities are known and users quickly install …
- 238000010801 machine learning 0 abstract description 7
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce, e.g. shopping or e-commerce
- G06Q30/01—Customer relationship, e.g. warranty
- G06Q30/018—Business or product certification or verification
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Bullough et al. | Predicting exploitation of disclosed software vulnerabilities using open-source data | |
| Alsaheel et al. | {ATLAS}: A sequence-based learning approach for attack investigation | |
| Elbaz et al. | Fighting N-day vulnerabilities with automated CVSS vector prediction at disclosure | |
| US11892897B2 (en) | Systems and methods for predicting which software vulnerabilities will be exploited by malicious hackers to prioritize for patching | |
| Ayoade et al. | Automated threat report classification over multi-source data | |
| Almukaynizi et al. | Patch before exploited: An approach to identify targeted software vulnerabilities | |
| Majumdar et al. | LeaPS: Learning-based proactive security auditing for clouds | |
| Lounici et al. | Optimizing Leak Detection in Open-source Platforms with Machine Learning Techniques. | |
| Jiang et al. | An insider threat detection method based on user behavior analysis | |
| Kim et al. | Ban: Predicting apt attack based on bayesian network with mitre att&ck framework | |
| Hossain et al. | Automatic event categorizer for SIEM | |
| Alhassan et al. | A fuzzy classifier-based penetration testing for web applications | |
| Wymberry et al. | An approach to measure the effectiveness of the mitre atlas framework in safeguarding machine learning systems against data poisoning attack | |
| Coulter et al. | Unmasking windows advanced persistent threat execution | |
| Raman et al. | Online classification with predictions | |
| Alkinoon et al. | Industry-specific vulnerability assessment | |
| Awang et al. | Automated security testing framework for detecting SQL injection vulnerability in web application | |
| Cheng et al. | TAGAPT: Towards Automatic Generation of APT Samples with Provenance-level Granularity | |
| Kumar et al. | Admin: Attacks on dataset, model and input. a threat model for ai based software | |
| Liu et al. | Graph neural network based approach to automatically assigning common weakness enumeration identifiers for vulnerabilities | |
| Hilabi et al. | Windows operating system malware detection using machine learning | |
| Saint-Hilaire et al. | Matching Knowledge Graphs for Cybersecurity Countermeasures Selection | |
| Regano et al. | Towards automatic risk analysis and mitigation of software applications | |
| Sotos Martínez et al. | A survey on the state of the art of vulnerability assessment techniques | |
| Sabnani | Computer security: A machine learning approach |