Forecasting Severity of Software Vulnerability Using Grey Model GM(1,1)
Vulnerabilities usually represents the risk level of software,and it is of high value to forecast vulnerabilities so as to evaluate the security level of software.Current researches mainly focus on predicting the number of vulnerabilities or the occurrence time of vulnerabilities,however,to our best knowledge,there are no other researches focusing on the prediction of vulnerabilities severity,which we think is an important aspect reflecting vulnerabilities and software security.To compensate for this deficiency,we borrows the grey model GM(1,1) from grey system theory to forecast the severity of vulnerabilities.The experiment is carried on the real data collected from CVE and proves the feasibility of our predicting method.
vulnerability software security severity prediction GM(1 1) grey theory
Jinkun Geng Daren Ye Ping Luo
School of Software,Beihang University,Beijing 100191,China Key Laboratory for Information System Security, Ministry of Education;Tsinghua National Laboratory f
国际会议
重庆
英文
344-348
2015-12-19(万方平台首次上网日期,不代表论文的发表时间)