Please use this identifier to cite or link to this item:
http://hdl.handle.net/1880/48066| Title: | Security Trend Analysis with CVE Topic Models |
| Authors: | Neuhaus, Stephan Zimmermann, Thomas |
| Keywords: | Security |
| Issue Date: | 13-Aug-2010 |
| Abstract: | We study the vulnerability reports in the Common Vulnerability and Exposures (CVE) database by using topic models on their description texts to find prevalent vulnerability types and new trends semi-automatically. In our study of the 39,393 unique CVEs until the end of 2009, we identify the following trends, given here in the form of a weather forecast: PHP: declining, with occasional SQL injection. Buffer Overflows: flattening out after decline. Format Strings: in steep decline. SQL Injection and XSS: remaining strong, and rising. Cross-Site Request Forgery: a sleeping giant perhaps, stirring. Application Servers: rising steeply. |
| URI: | http://hdl.handle.net/1880/48066 |
| Appears in Collections: | Zimmermann, Thomas |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| 2010-970-19.pdf | 808.19 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.