Disclosure of cyber security vulnerabilities

Time series modelling

Ming Jian Tang, Mamoun Alazab, Yuxiu Luo, Matthew Donlon

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Cybercriminal use of the internet continues to grow and poses a serious threat to individuals, businesses and governments. Software vulnerabilities represent a main cause of cybersecurity problems. Every day security engineers deal with a flow of cyber security incidents that are increasing. Effective management of software vulnerabilities is imperative for modern organisations regardless of their size. However, the vulnerability management processes tend to be more reactive in nature; relying on the publication of vulnerabilities, creation of signatures, and the scanning and detection process before control mitigations can be put into place. A forecasting model of the anticipated volume of future disclosures that leverages the rich historical vulnerability data will provide important insights help develop strategies for the proactive management of vulnerabilities. This study is the first to discover the existence of volatility clustering in the vulnerability disclosure trend. Through our novel framework for statistically analysing long-term vulnerability disclosures between January 1999 and January 2016, the result shows that our model can predict the likelihood that software contains yet to be discovered vulnerabilities and be exposed to future threats such as zero-day attacks. Such knowledge could be potentially an important first step in crime detection and prevention and improve security practices.

Original languageEnglish
Pages (from-to)255-275
Number of pages21
JournalInternational Journal of Electronic Security and Digital Forensics
Volume10
Issue number3
DOIs
Publication statusPublished - 1 Jan 2018

Fingerprint

time series
Time series
vulnerability
Crime
Process control
Internet
Scanning
Engineers
threat
Industry
control process
process management
management
engineer
incident
offense
cause
trend
software

Cite this

@article{76ffcae65fa9419996dc6a8571b3d2c7,
title = "Disclosure of cyber security vulnerabilities: Time series modelling",
abstract = "Cybercriminal use of the internet continues to grow and poses a serious threat to individuals, businesses and governments. Software vulnerabilities represent a main cause of cybersecurity problems. Every day security engineers deal with a flow of cyber security incidents that are increasing. Effective management of software vulnerabilities is imperative for modern organisations regardless of their size. However, the vulnerability management processes tend to be more reactive in nature; relying on the publication of vulnerabilities, creation of signatures, and the scanning and detection process before control mitigations can be put into place. A forecasting model of the anticipated volume of future disclosures that leverages the rich historical vulnerability data will provide important insights help develop strategies for the proactive management of vulnerabilities. This study is the first to discover the existence of volatility clustering in the vulnerability disclosure trend. Through our novel framework for statistically analysing long-term vulnerability disclosures between January 1999 and January 2016, the result shows that our model can predict the likelihood that software contains yet to be discovered vulnerabilities and be exposed to future threats such as zero-day attacks. Such knowledge could be potentially an important first step in crime detection and prevention and improve security practices.",
keywords = "Cyber security, Cybercrime, Generalised autoregressive conditional heteroskedasticity, Risk analysis, Time series, Volatility, Vulnerability disclosure",
author = "Tang, {Ming Jian} and Mamoun Alazab and Yuxiu Luo and Matthew Donlon",
year = "2018",
month = "1",
day = "1",
doi = "10.1504/IJESDF.2018.093018",
language = "English",
volume = "10",
pages = "255--275",
journal = "International Journal of Electronic Security and Digital Forensics",
issn = "1751-911X",
publisher = "Inderscience Enterprises Ltd",
number = "3",

}

Disclosure of cyber security vulnerabilities : Time series modelling. / Tang, Ming Jian; Alazab, Mamoun; Luo, Yuxiu; Donlon, Matthew.

In: International Journal of Electronic Security and Digital Forensics, Vol. 10, No. 3, 01.01.2018, p. 255-275.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - Disclosure of cyber security vulnerabilities

T2 - Time series modelling

AU - Tang, Ming Jian

AU - Alazab, Mamoun

AU - Luo, Yuxiu

AU - Donlon, Matthew

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Cybercriminal use of the internet continues to grow and poses a serious threat to individuals, businesses and governments. Software vulnerabilities represent a main cause of cybersecurity problems. Every day security engineers deal with a flow of cyber security incidents that are increasing. Effective management of software vulnerabilities is imperative for modern organisations regardless of their size. However, the vulnerability management processes tend to be more reactive in nature; relying on the publication of vulnerabilities, creation of signatures, and the scanning and detection process before control mitigations can be put into place. A forecasting model of the anticipated volume of future disclosures that leverages the rich historical vulnerability data will provide important insights help develop strategies for the proactive management of vulnerabilities. This study is the first to discover the existence of volatility clustering in the vulnerability disclosure trend. Through our novel framework for statistically analysing long-term vulnerability disclosures between January 1999 and January 2016, the result shows that our model can predict the likelihood that software contains yet to be discovered vulnerabilities and be exposed to future threats such as zero-day attacks. Such knowledge could be potentially an important first step in crime detection and prevention and improve security practices.

AB - Cybercriminal use of the internet continues to grow and poses a serious threat to individuals, businesses and governments. Software vulnerabilities represent a main cause of cybersecurity problems. Every day security engineers deal with a flow of cyber security incidents that are increasing. Effective management of software vulnerabilities is imperative for modern organisations regardless of their size. However, the vulnerability management processes tend to be more reactive in nature; relying on the publication of vulnerabilities, creation of signatures, and the scanning and detection process before control mitigations can be put into place. A forecasting model of the anticipated volume of future disclosures that leverages the rich historical vulnerability data will provide important insights help develop strategies for the proactive management of vulnerabilities. This study is the first to discover the existence of volatility clustering in the vulnerability disclosure trend. Through our novel framework for statistically analysing long-term vulnerability disclosures between January 1999 and January 2016, the result shows that our model can predict the likelihood that software contains yet to be discovered vulnerabilities and be exposed to future threats such as zero-day attacks. Such knowledge could be potentially an important first step in crime detection and prevention and improve security practices.

KW - Cyber security

KW - Cybercrime

KW - Generalised autoregressive conditional heteroskedasticity

KW - Risk analysis

KW - Time series

KW - Volatility

KW - Vulnerability disclosure

UR - http://www.scopus.com/inward/record.url?scp=85049561488&partnerID=8YFLogxK

U2 - 10.1504/IJESDF.2018.093018

DO - 10.1504/IJESDF.2018.093018

M3 - Article

VL - 10

SP - 255

EP - 275

JO - International Journal of Electronic Security and Digital Forensics

JF - International Journal of Electronic Security and Digital Forensics

SN - 1751-911X

IS - 3

ER -