Disclosure of cyber security vulnerabilities: Time series modelling

Ming Jian Tang, Mamoun Alazab, Yuxiu Luo, Matthew Donlon

Research output: Contribution to journalArticle

Abstract

Cybercriminal use of the internet continues to grow and poses a serious threat to individuals, businesses and governments. Software vulnerabilities represent a main cause of cybersecurity problems. Every day security engineers deal with a flow of cyber security incidents that are increasing. Effective management of software vulnerabilities is imperative for modern organisations regardless of their size. However, the vulnerability management processes tend to be more reactive in nature; relying on the publication of vulnerabilities, creation of signatures, and the scanning and detection process before control mitigations can be put into place. A forecasting model of the anticipated volume of future disclosures that leverages the rich historical vulnerability data will provide important insights help develop strategies for the proactive management of vulnerabilities. This study is the first to discover the existence of volatility clustering in the vulnerability disclosure trend. Through our novel framework for statistically analysing long-term vulnerability disclosures between January 1999 and January 2016, the result shows that our model can predict the likelihood that software contains yet to be discovered vulnerabilities and be exposed to future threats such as zero-day attacks. Such knowledge could be potentially an important first step in crime detection and prevention and improve security practices.

Original languageEnglish
Pages (from-to)255-275
Number of pages21
JournalInternational Journal of Electronic Security and Digital Forensics
Volume10
Issue number3
DOIs
Publication statusPublished - 1 Jan 2018

Fingerprint Dive into the research topics of 'Disclosure of cyber security vulnerabilities: Time series modelling'. Together they form a unique fingerprint.

  • Cite this