Data Modelling for Predicting Exploits
Paper i proceeding, 2018

Modern society is becoming increasingly reliant on secure computer systems. Predicting which vulnerabilities are more likely to be exploited by malicious actors is therefore an important task to help prevent cyber attacks. Researchers have tried making such predictions using machine learning. However, recent research has shown that the evaluation of such models require special sampling of training and test sets, and that previous models would have had limited utility in real world settings. This study further develops the results of recent research through the use of their sampling technique for evaluation in combination with a novel data model. Moreover, contrary to recent research, we find that using open web data can help in making better predictions about exploits, and that zero-day exploits are detrimental to the predictive powers of the model. Finally, we discovered that the initial days of vulnerability information is sufficient to make the best possible model. Given our findings, we suggest that more research should be devoted to develop refined techniques for building predictive models for exploits. Gaining more knowledge in this domain would not only help preventing cyber attacks but could yield fruitful insights in the nature of exploit development.

Exploits

Vulnerability management

Machine learning

Concept drift

Författare

Alexander Reinthal

Chalmers, Data- och informationsteknik, Nätverk och system

Eleftherios Lef Filippakis

Chalmers, Data- och informationsteknik, Nätverk och system

Magnus Almgren

Chalmers, Data- och informationsteknik, Nätverk och system

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 11252 LNCS 336-351

23rd Nordic Conference on Secure IT Systems, NordSec 2018
Oslo, Norway,

Integrated cyber-physical solutions for intelligent distribution grid with high penetration of renewables (UNITED-GRID)

Europeiska kommissionen (Horisont 2020), 2017-11-01 -- 2020-04-30.

Säkra IT-system för drift och övervakning av samhällskritisk infrastruktur

Myndigheten för samhällsskydd och beredskap, 2015-09-01 -- 2020-08-31.

Ämneskategorier

Annan data- och informationsvetenskap

Datavetenskap (datalogi)

DOI

10.1007/978-3-030-03638-6_21

Mer information

Senast uppdaterat

2019-06-25