English
Related papers

Related papers: A Non-Intrusive and Context-Based Vulnerability Sc…

200 papers

Qualifying and ranking threat degrees of vulnerabilities in cloud service are known to be full of challenges. Although there have been several efforts aiming to address this problem, most of them are too simple or cannot be applied into…

Cryptography and Security · Computer Science 2016-12-07 He Zhu

The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated, 10 being the most…

Cryptography and Security · Computer Science 2024-05-09 Julia Wunder , Andreas Kurtz , Christian Eichenmüller , Freya Gassmann , Zinaida Benenson

The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a Common Vulnerability Scoring System (CVSS) vector and…

Cryptography and Security · Computer Science 2022-10-06 Philipp Kuehn , David N. Relke , Christian Reuter

Organizations struggle to handle sheer number of vulnerabilities in their cloud environments. The de facto methodology used for prioritizing vulnerabilities is to use Common Vulnerability Scoring System (CVSS). However, CVSS has inherent…

Cryptography and Security · Computer Science 2022-06-23 Muhammed Fatih Bulut , Abdulhamid Adebayo , Daby Sow , Steve Ocepek

The assessment of new vulnerabilities is an activity that accounts for information from several data sources and produces a `severity' score for the vulnerability. The Common Vulnerability Scoring System (\CVSS) is the reference standard…

Cryptography and Security · Computer Science 2018-03-22 Luca Allodi , Sebastian Banescu , Henning Femmer , Kristian Beckers

Accurately assessing software vulnerabilities is essential for effective prioritization and remediation. While various scoring systems exist to support this task, their differing goals, methodologies and outputs often lead to inconsistent…

Cryptography and Security · Computer Science 2025-08-20 Viktoria Koscinski , Mark Nelson , Ahmet Okutan , Robert Falso , Mehdi Mirakhorli

Testing is the most widely employed method to find vulnerabilities in real-world software programs. Compositional analysis, based on symbolic execution, is an automated testing method to find vulnerabilities in medium- to large-scale…

Software Engineering · Computer Science 2018-07-25 Saahil Ognawala , Ricardo Nales Amato , Alexander Pretschner , Pooja Kulkarni

Understanding the landscape of software vulnerabilities is key for developing effective security solutions. Fortunately, the evaluation of vulnerability databases that use a framework for communicating vulnerability attributes and their…

Cryptography and Security · Computer Science 2021-02-04 Assane Gueye , Peter Mell

Various researchers have shown that the Common Vulnerability Scoring System (CVSS) has many drawbacks and may not provide a precise view of the risks related to software vulnerabilities. However, many threat intelligence platforms and…

Cryptography and Security · Computer Science 2018-07-30 Milda Petraityte , Ali Dehghantanha , Gregory Epiphaniou

When a new computer security vulnerability is publicly disclosed, only a textual description of it is available. Cybersecurity experts later provide an analysis of the severity of the vulnerability using the Common Vulnerability Scoring…

Computation and Language · Computer Science 2021-11-17 Mustafizur Shahid , Hervé Debar

Recent progress in ML and LLMs has improved vulnerability detection, and recent datasets have reduced label noise and unrelated code changes. However, most existing approaches still operate at the function level, where models are asked to…

Cryptography and Security · Computer Science 2026-02-09 Yikun Li , Ting Zhang , Jieke Shi , Chengran Yang , Junda He , Xin Zhou , Jinfeng Jiang , Huihui Huang , Wen Bin Leow , Yide Yin , Eng Lieh Ouh , Lwin Khin Shar , David Lo

Background: Timely prioritising and remediating vulnerabilities are paramount in the dynamic cybersecurity field, and one of the most widely used vulnerability scoring systems (CVSS) does not address the increasing likelihood of emerging an…

Cryptography and Security · Computer Science 2024-05-15 Miguel Santana , Vinicius V. Cogo , Alan Oliveira de Sá

Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security…

Software Engineering · Computer Science 2020-06-17 Shuvalaxmi Dass , Akbar Siami Namin

Cloud systems are dynamic environments which make it difficult to keep track of security risks that resources are exposed to. Traditionally, risk assessment is conducted for individual assets to evaluate existing threats; their results,…

Cryptography and Security · Computer Science 2022-06-16 Immanuel Kunz , Angelika Schneider , Christian Banse

Software Vulnerability (SV) severity assessment is a vital task for informing SV remediation and triage. Ranking of SV severity scores is often used to advise prioritization of patching efforts. However, severity assessment is a difficult…

Software Engineering · Computer Science 2022-01-19 Roland Croft , M. Ali Babar , Li Li

By virtue of technology and benefit advantages, cloud computing has increasingly attracted a large number of potential cloud consumers (PCC) plan to migrate the traditional business to the cloud service. However, trust has become one of the…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-05-12 Xiang Li

Traditional security scanners fail when facing new attack patterns they haven't seen before. They rely on fixed rules and predetermined signatures, making them blind to novel threats. We present a fundamentally different approach: instead…

Cryptography and Security · Computer Science 2025-11-21 Ayush Chaudhary

Vulnerability assessment is a critical challenge in cybersecurity, particularly in industrial environments. This work presents an innovative approach by incorporating the temporal dimension into vulnerability assessment, an aspect neglected…

Cryptography and Security · Computer Science 2026-01-30 Stefano Perone , Simone Guarino , Luca Faramondi , Roberto Setola

As the number of Common Vulnerabilities and Exposures (CVE) continues to grow exponentially, security teams face increasingly difficult decisions about prioritization. Current approaches using Common Vulnerability Scoring System (CVSS)…

Cryptography and Security · Computer Science 2026-03-05 Naoyuki Shimizu , Masaki Hashimoto

A system vulnerability analysis technique (SVAT) for complex mission critical systems (CMCS) was developed in response to the need to be able to conduct penetration testing on large industrial systems which cannot be taken offline or risk…

Cryptography and Security · Computer Science 2023-06-08 Matthew Tassava , Cameron Kolodjski , Jeremy Straub
‹ Prev 1 2 3 10 Next ›